CVE-2025-67895

9.8 CRITICAL

📋 TL;DR

This vulnerability allows authenticated DAG authors in Apache Airflow 2 to perform remote code execution in the webserver context via an improperly exposed Edge3 provider API. Only systems running Airflow 2 with the Edge3 provider installed and configured are affected. Airflow 3 users are not vulnerable.

💻 Affected Systems

Products:
  • Apache Airflow Providers Edge3
Versions: All versions before 2.0.0
Operating Systems: All operating systems running Airflow
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if Edge3 provider is explicitly installed and configured on Airflow 2. The provider was development-only and never officially released for Airflow 2.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full webserver compromise leading to complete system takeover, data exfiltration, and lateral movement within the environment.

🟠 Likely Case

Unauthorized code execution by DAG authors leading to privilege escalation, data manipulation, and potential persistence mechanisms.

🟢 If Mitigated

Limited impact due to proper access controls and network segmentation, but still represents a significant security boundary violation.

🌐 Internet-Facing: HIGH if Airflow webserver is internet-accessible, as authenticated DAG authors could execute arbitrary code.
🏢 Internal Only: HIGH as authenticated DAG authors already have internal access and can exploit this for privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires DAG author privileges and knowledge of the improperly exposed API endpoint.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Edge3 provider version 2.0.0 and above

Vendor Advisory: https://lists.apache.org/thread/hhnmmzkj5qx5gbk6pdkh8tcsx5oj1nqs

Restart Required: Yes

Instructions:

1. Uninstall the Edge3 provider from Airflow 2: 'pip uninstall apache-airflow-providers-edge3'.
2. Migrate to Airflow 3 if Edge3 functionality is required.
3. For Airflow 3, install Edge3 provider 2.0.0+: 'pip install apache-airflow-providers-edge3>=2.0.0'.

🔧 Temporary Workarounds

Immediate Edge3 Provider Removal

Platforms: all

Remove the vulnerable Edge3 provider from Airflow 2 installations:

pip uninstall apache-airflow-providers-edge3

Network Isolation

Platforms: all

Restrict access to the Airflow webserver to only trusted users and networks.

🧯 If You Can't Patch

  • Immediately remove Edge3 provider from all Airflow 2 installations
  • Implement strict network segmentation and access controls for Airflow webserver

🔍 How to Verify

Check if Vulnerable:

Check whether the Edge3 provider is installed on Airflow 2: 'pip list | grep apache-airflow-providers-edge3'. If the provider version is below 2.0.0 and the Airflow version is 2.x, the system is vulnerable.

Check Version:

pip show apache-airflow-providers-edge3 | grep Version

Verify Fix Applied:

Verify that the Edge3 provider is uninstalled: 'pip list | grep -i edge3' should return no results on Airflow 2. For Airflow 3, verify that the Edge3 provider version is 2.0.0 or later: 'pip show apache-airflow-providers-edge3 | grep Version'.
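The three checks above combine into a single decision (Airflow 2.x plus Edge3 below 2.0.0 means vulnerable; Airflow 3, Edge3 2.0.0+, or no Edge3 at all means not). The following script is an added example, not part of the advisory or of the Airflow project, that encodes that rule and reads the installed versions from the Python environment the webserver runs in. It assumes the distribution names 'apache-airflow' and 'apache-airflow-providers-edge3' as used by pip, and it treats pre-release tags such as 2.0.0rc1 as older than 2.0.0, which is how PEP 440 orders them.

```python
"""Added example: decide whether this Airflow environment is exposed to CVE-2025-67895.

Rule taken from the advisory: Airflow 2.x with apache-airflow-providers-edge3
below 2.0.0 is vulnerable; Airflow 3 and Edge3 2.0.0+ are not.
Run it with the same interpreter that runs the Airflow webserver.
"""
import re
from importlib import metadata

# Distribution names as pip knows them (assumption: standard PyPI names).
AIRFLOW_DIST = "apache-airflow"
EDGE3_DIST = "apache-airflow-providers-edge3"
FIXED_EDGE3 = (2, 0, 0, 0)  # first fixed release, in parse_version() form


def parse_version(text):
    """Turn '2.10.3', '2.0.0rc1' or '2.0.0.post1' into a comparable tuple.

    The fourth element orders suffixes: -1 for pre-releases (rc, a, b, dev),
    0 for a final release, +1 for post-releases, so 2.0.0rc1 < 2.0.0 < 2.0.0.post1.
    """
    m = re.match(r"^\s*v?(\d+(?:\.\d+)*)(.*)$", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    nums = [int(p) for p in m.group(1).split(".")]
    nums = (nums + [0, 0, 0])[:3]           # pad '1.2' to (1, 2, 0)
    suffix = m.group(2).strip(" .-")
    if not suffix:
        rank = 0
    elif suffix.startswith("post"):
        rank = 1
    else:
        rank = -1                            # rc1, a2, b1, dev0 ... are pre-releases
    return tuple(nums) + (rank,)


def is_vulnerable(airflow_version, edge3_version):
    """Apply the advisory's rule. edge3_version is None when the provider is absent."""
    if edge3_version is None:
        return False                          # provider not installed: nothing to exploit
    if parse_version(airflow_version)[0] != 2:
        return False                          # advisory: Airflow 3 is not affected
    return parse_version(edge3_version) < FIXED_EDGE3


def installed_version(dist):
    """Installed version string of a distribution, or None if it is not installed."""
    try:
        return metadata.version(dist)
    except metadata.PackageNotFoundError:
        return None


def assess_environment():
    """Inspect the current interpreter. Returns (airflow_version, edge3_version, vulnerable)."""
    airflow = installed_version(AIRFLOW_DIST)
    edge3 = installed_version(EDGE3_DIST)
    if airflow is None:
        return airflow, edge3, False          # no Airflow here; nothing to assess
    return airflow, edge3, is_vulnerable(airflow, edge3)


if __name__ == "__main__":
    airflow, edge3, vulnerable = assess_environment()
    print(f"apache-airflow: {airflow or 'not installed'}")
    print(f"{EDGE3_DIST}: {edge3 or 'not installed'}")
    if vulnerable:
        print("VULNERABLE: Airflow 2 with Edge3 < 2.0.0; remove the provider or upgrade.")
    else:
        print("not vulnerable to CVE-2025-67895 by version rule")
```

The version check is deliberately self-contained rather than relying on the 'packaging' library, so it works in a minimal virtualenv; if 'packaging' is available, its Version class gives the same ordering for these inputs.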

📡 Detection & Monitoring

Log Indicators:

  • Unusual API calls to Edge3 provider endpoints
  • Unexpected process execution from Airflow webserver context
  • Authentication logs showing DAG authors accessing non-standard endpoints

Network Indicators:

  • HTTP requests to Edge3-specific API endpoints from DAG author accounts
  • Outbound connections from Airflow webserver to unexpected destinations

SIEM Query:

source="airflow" AND (uri="*edge3*" OR process_execution="*webserver*")
