PatchSiren cyber security CVE debrief

CVE-2026-42360 Apache Software Foundation CVE debrief

A vulnerability in Apache Airflow's rendered-template field handling allows nested sensitive-key masking to be bypassed when rendered fields exceed the configured `[core] max_templated_field_length` threshold. When this limit is exceeded, Airflow stringifies the JSON structure before applying redaction, causing nested keys such as `password`, `token`, `secret`, and `api_key` to lose their contextual masking. The resulting plaintext values are persisted into `rendered_fields`, where they can be retrieved by authenticated UI or API users with permission to read rendered template fields. This issue affects deployments where DAG authors pass structured JSON to operators containing nested sensitive keys. The vulnerability is a variant of CWE-200 (Information Exposure) and represents an incomplete fix for CVE-2025-68438, which addressed user-registered `mask_secret()` patterns but did not extend protection to the nested sensitive-keyword allowlist. Users who previously upgraded for CVE-2025-68438 must additionally upgrade to `apache-airflow` 3.2.2 or later to close this nested-key exposure path.

Vendor: Apache Software Foundation
Product: Apache Airflow
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-01
Original CVE updated: 2026-06-01
Advisory published: 2026-06-01
Advisory updated: 2026-06-01

Who should care

Organizations running Apache Airflow deployments where DAGs pass structured JSON with nested credentials to operators, particularly those who applied the CVE-2025-68438 patch but have not yet upgraded to 3.2.2. Security teams managing secret rotation programs and compliance auditors verifying masking controls for rendered template data should prioritize this fix.

Technical summary

When Apache Airflow renders template fields containing nested JSON structures with sensitive keys (password, token, secret, api_key), the normal masking allowlist is bypassed if the rendered output exceeds `[core] max_templated_field_length`. The system stringifies the structure before redaction, flattening nested key context and causing plaintext secrets to be persisted in `rendered_fields`. Authenticated users with read access to rendered fields can then retrieve these unmasked values. The fix in Airflow 3.2.2 ensures nested sensitive-keyword masking is applied prior to any length-based stringification.

Defensive priority

High

Recommended defensive actions

  • Upgrade to `apache-airflow` 3.2.2 or later to obtain the nested sensitive-keyword allowlist fix that extends CVE-2025-68438 protections
  • Review and reduce `[core] max_templated_field_length` configurations if set to values that may trigger premature stringification of large structured templates
  • Audit existing `rendered_fields` entries in the Airflow metadata database for any historically exposed nested secrets, particularly in deployments that processed large JSON templates between the CVE-2025-68438 patch and
  • Validate that DAG authoring practices avoid placing sensitive values in nested JSON structures passed to operator templates where possible
  • Ensure Airflow UI/API access controls for rendered template field reading are restricted to the minimum necessary principals
  • Monitor for anomalous access patterns to rendered template endpoints that may indicate secret harvesting activity
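The following is an added example, not Apache Airflow's code, illustrating two things from this debrief: the ordering problem in the technical summary (stringifying a rendered field before applying nested-key masking leaves nothing for the keyword allowlist to match) and the audit step recommended above (scanning stored `rendered_fields` values for sensitive keys whose value is not the mask). The function names, the simplified masking rules, the `"***"` mask, the sample DAG fields and the length limits are all constructed assumptions; Airflow's real redaction logic is richer than this model.

```python
"""Added example (not Apache Airflow's code): a simplified model of the
ordering problem the advisory describes, plus an audit helper for stored
rendered_fields values. Function names, masking rules and sample data are
constructed for illustration; Airflow's real redaction code is richer."""
import json

# Nested key names the advisory lists as sensitive; matching is case-insensitive.
SENSITIVE_KEYS = {"password", "token", "secret", "api_key"}
MASK = "***"


def redact_nested(value):
    """Mask values stored under sensitive keys while the structure is intact.
    Strings are returned unchanged: once a structure has been stringified there
    are no keys left to match, which is exactly the bypass condition."""
    if isinstance(value, dict):
        return {
            k: MASK if k.lower() in SENSITIVE_KEYS else redact_nested(v)
            for k, v in value.items()
        }
    if isinstance(value, list):
        return [redact_nested(v) for v in value]
    return value


def render_stringify_then_redact(fields, max_len):
    """Flawed ordering (model of the pre-3.2.2 behaviour): when the serialized
    field exceeds max_len it is stringified first, so redaction sees a plain
    string and the nested secrets are persisted in clear."""
    serialized = json.dumps(fields)
    if len(serialized) > max_len:
        return redact_nested(serialized)  # no-op on a str: the secrets survive
    return redact_nested(fields)


def render_redact_then_stringify(fields, max_len):
    """Fixed ordering (model of 3.2.2): redact while keys are still visible,
    then apply the length handling to the already-masked structure."""
    redacted = redact_nested(fields)
    serialized = json.dumps(redacted)
    if len(serialized) > max_len:
        return serialized
    return redacted


def find_unmasked_secrets(stored_value):
    """Audit helper for rows already in the metadata database: return dotted
    paths of sensitive keys whose value is not the mask. Handles both a
    structured value and a stringified JSON value (the shape the bug leaves)."""
    hits = []

    def walk(node, path):
        if isinstance(node, dict):
            for k, v in node.items():
                child = f"{path}.{k}" if path else k
                if k.lower() in SENSITIVE_KEYS and v != MASK:
                    hits.append(child)
                else:
                    walk(v, child)
        elif isinstance(node, list):
            for i, v in enumerate(node):
                walk(v, f"{path}[{i}]")
        elif isinstance(node, str):
            try:
                parsed = json.loads(node)
            except ValueError:
                return  # ordinary string, nothing nested inside
            if isinstance(parsed, (dict, list)):
                walk(parsed, path)

    walk(stored_value, "")
    return hits


# Constructed sample: structured kwargs with nested credentials plus enough
# padding to push the serialized form past a small length limit.
SAMPLE_FIELDS = {
    "op_kwargs": {
        "conn": {"host": "db.example.internal", "password": "constructed-example-password"},
        "headers": {"api_key": "constructed-example-key"},
    },
    "padding": "x" * 64,
}
SMALL_LIMIT = 120     # smaller than the serialized sample: triggers stringification
LARGE_LIMIT = 10_000  # larger than the sample: the flawed path still masks correctly


if __name__ == "__main__":
    leaked = render_stringify_then_redact(SAMPLE_FIELDS, SMALL_LIMIT)
    fixed = render_redact_then_stringify(SAMPLE_FIELDS, SMALL_LIMIT)
    print("flawed ordering, unmasked paths:", find_unmasked_secrets(leaked))
    print("fixed ordering, unmasked paths:  ", find_unmasked_secrets(fixed))
```

Running the script shows the flawed ordering reporting `op_kwargs.conn.password` and `op_kwargs.headers.api_key` as unmasked, while the fixed ordering reports nothing. The same `find_unmasked_secrets` walk is what an audit of historical `rendered_fields` rows needs: it parses stringified values as well as structured ones, because the stringified form is precisely what a deployment running with a small `max_templated_field_length` would have persisted.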

Evidence notes

The vulnerability description indicates that Airflow's masking logic fails specifically when the rendered field length exceeds `max_templated_field_length`, causing premature stringification before nested key redaction. The fix is identified as `apache-airflow` 3.2.2 or later. The issue is explicitly framed as a follow-on to CVE-2025-68438, with the same CWE-200 classification.

Official resources

2026-06-01