PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-49298 Apache Software Foundation CVE debrief

A vulnerability in Apache Airflow's KubernetesExecutor exposes JWT authentication tokens through worker pod command-line arguments, enabling privilege escalation for attackers with Kubernetes read-only access in the Airflow namespace. The flaw affects deployments using KubernetesExecutor and requires complementary fixes on both the core Airflow platform and the CNCF Kubernetes provider.

Vendor
Apache Software Foundation
Product
Apache Airflow
CVSS
Unknown
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-01
Original CVE updated
2026-06-01
Advisory published
2026-06-01
Advisory updated
2026-06-01

Who should care

Organizations running Apache Airflow with KubernetesExecutor, particularly multi-tenant or shared Kubernetes clusters where namespace-level read access may be granted to users who should not have Execution API privileges. Security teams responsible for secrets management in container orchestration environments and Airflow administrators managing upgrade pipelines for core and provider packages.

Technical summary

In Apache Airflow deployments using KubernetesExecutor, worker pods receive the JWT used to authenticate to the Execution API as a command-line argument in the pod specification. Because the pod spec is part of the Pod object itself, the token is visible to any principal that can get or list pods in the Airflow namespace, including through kubectl describe pod or kubectl get pod -o yaml output; no access to the pod's filesystem, logs or Secrets is needed. An attacker with such access can harvest the JWT and impersonate the running task to call state-mutating Execution API endpoints. The vulnerability is addressed by upgrading apache-airflow to 3.2.2 or later. A related provider-side fix was previously released in apache-airflow-providers-cncf-kubernetes 10.17.0 under CVE-2026-27173; both upgrades are required for complete remediation.
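As an added example (not PatchSiren's or the Airflow project's code), the following Python audit script looks for the exposure pattern described above in a saved `kubectl get pods -n airflow -o json` dump: it flags any JWT-shaped string in a container's args, and also checks command and env values, which goes beyond the args case in the text. The pod names, container name and token below are constructed; the `--token` argument is a hypothetical placeholder, not Airflow's actual command line.

```python
"""Scan a `kubectl get pods -o json` dump for JWTs exposed in pod specs.

Added example (not PatchSiren's or Apache Airflow's code). Pod names, the
container name and the token below are constructed for illustration.
"""
import base64
import json
import re
import sys

# A JSON JWT header starts with base64url('{"') == "eyJ"; three dot-separated
# base64url segments follow (header.payload.signature).
JWT_RE = re.compile(r"\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")


def _b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(obj: dict) -> str:
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def jwt_claims(token: str) -> dict:
    """Decode the payload WITHOUT verifying the signature (triage only)."""
    _header, payload, _sig = token.split(".")
    return json.loads(_b64url_decode(payload))


def find_jwts_in_pods(pod_list: dict) -> list:
    """Return one finding per JWT found in container command, args or env."""
    findings = []
    for pod in pod_list.get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        for c in spec.get("containers", []) + spec.get("initContainers", []):
            fields = {
                "command": c.get("command") or [],
                "args": c.get("args") or [],
                # env entries using valueFrom have no literal value; skip them
                "env": [e.get("value", "") for e in c.get("env") or []],
            }
            for field, values in fields.items():
                for value in values:
                    for match in JWT_RE.finditer(str(value)):
                        token = match.group(0)
                        try:
                            claims = jwt_claims(token)
                        except (ValueError, UnicodeDecodeError):
                            claims = {}
                        findings.append({
                            "namespace": meta.get("namespace"),
                            "pod": meta.get("name"),
                            "container": c.get("name"),
                            "field": field,
                            "token_prefix": token[:16] + "...",
                            "claims": claims,
                        })
    return findings


# --- constructed sample, not captured from a real cluster -------------------
# Constructed token: header + claims + placeholder signature; `sub` and `aud`
# are made-up values, not Airflow's real claim contents.
FAKE_TOKEN = ".".join([
    _b64url_encode({"alg": "HS512", "typ": "JWT"}),
    _b64url_encode({"sub": "ti-0000-constructed", "aud": "execution-api-constructed",
                    "exp": 1780000000}),
    "c2lnbmF0dXJl",  # "signature" in base64url; not a real HMAC
])

SAMPLE_PODS = {
    "items": [
        {   # vulnerable pattern: token passed on the command line
            "metadata": {"namespace": "airflow", "name": "example-task-abc12"},
            "spec": {"containers": [{
                "name": "base",
                # hypothetical entrypoint and flag, not Airflow's real CLI
                "args": ["python", "-m", "worker_entrypoint", "--token", FAKE_TOKEN],
            }]},
        },
        {   # clean pod: nothing to flag
            "metadata": {"namespace": "airflow", "name": "airflow-scheduler-0"},
            "spec": {"containers": [{"name": "scheduler", "args": ["airflow", "scheduler"]}]},
        },
    ]
}

if __name__ == "__main__":
    # Usage: python audit_pod_jwts.py pods.json   (falls back to the sample)
    data = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PODS
    for f in find_jwts_in_pods(data):
        print(f"{f['namespace']}/{f['pod']} [{f['container']}.{f['field']}] "
              f"{f['token_prefix']} sub={f['claims'].get('sub')}")
```

Run it against a live dump with `kubectl get pods -n airflow -o json > pods.json` followed by `python audit_pod_jwts.py pods.json`; after upgrading both packages, a run that reports nothing is the concrete check that the fix took effect in the pods the executor now launches. Decoding the payload is only for triage (which task, which expiry); it does not verify the signature and must not be used to trust the token.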

Defensive priority

High

Recommended defensive actions

  • Upgrade apache-airflow to version 3.2.2 or later to apply the core platform fix for this vulnerability
  • If not already done, upgrade apache-airflow-providers-cncf-kubernetes to version 10.17.0 or later per CVE-2026-27173 guidance to apply the complementary provider-side fix
  • Verify that both the core Airflow package and the CNCF Kubernetes provider are at patched versions, as the two fixes are complementary and both are required for complete protection
  • Review Kubernetes RBAC configurations to ensure least-privilege access to pod specifications in Airflow namespaces
  • Audit Execution API access logs for anomalous state-mutating operations (DAG run triggers, run clears, Variable/Connection/XCom modifications) that may have originated from harvested tokens
  • Rotate any potentially exposed JWT tokens after patching; in practice this means rotating the secret the API server signs them with, so that every outstanding token is invalidated at once, and it matters most where Kubernetes read-only access by untrusted parties cannot be ruled out
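To support the RBAC review recommended above, the following Python helper is an added example (not PatchSiren's or the Airflow project's code). It takes the JSON that `kubectl get roles,clusterroles,rolebindings -A -o json` produces and lists every subject whose RoleBinding in the Airflow namespace grants get/list/watch on pods, which is the access level the debrief describes as sufficient to harvest tokens. The built-in Kubernetes `view` ClusterRole grants exactly that, so a namespace-scoped `view` binding handed to developers or analysts is in scope. All role, binding and subject names below are constructed.

```python
"""List who can read pod specs in a namespace from Role/RoleBinding JSON.

Added example (not PatchSiren's or Apache Airflow's code). Input matches the
shape of `kubectl get roles,clusterroles,rolebindings -o json` items; every
name in the sample data is constructed.
"""

READ_VERBS = {"get", "list", "watch"}


def rule_grants_pod_read(rule: dict) -> bool:
    """True if one RBAC rule allows get/list/watch on core-group pods."""
    groups = rule.get("apiGroups", [])
    resources = rule.get("resources", [])
    verbs = set(rule.get("verbs", []))
    core = "" in groups or "*" in groups          # pods live in the core group
    pods = "pods" in resources or "*" in resources
    reads = "*" in verbs or bool(verbs & READ_VERBS)
    return core and pods and reads


def who_can_read_pods(roles: list, bindings: list, namespace: str) -> list:
    """Return sorted (subject, role) pairs with pod read access in `namespace`.

    `roles` may mix Role and ClusterRole objects; a RoleBinding can reference
    either kind, so roles are matched on (kind, name). ClusterRoleBindings are
    deliberately out of scope: they grant access cluster-wide and need their
    own review.
    """
    by_ref = {(r["kind"], r["metadata"]["name"]): r for r in roles}
    out = []
    for b in bindings:
        if b.get("kind") != "RoleBinding":
            continue
        if b["metadata"].get("namespace") != namespace:
            continue
        role = by_ref.get((b["roleRef"]["kind"], b["roleRef"]["name"]))
        if not role or not any(rule_grants_pod_read(r) for r in role.get("rules", [])):
            continue
        for s in b.get("subjects", []):
            if s["kind"] == "ServiceAccount":
                subj = f"ServiceAccount/{s.get('namespace', namespace)}/{s['name']}"
            else:
                subj = f"{s['kind']}/{s['name']}"
            out.append((subj, f"{role['kind']}/{role['metadata']['name']}"))
    return sorted(out)


# --- constructed sample, not captured from a real cluster -------------------
SAMPLE_ROLES = [
    {"kind": "Role", "metadata": {"name": "airflow-pod-launcher", "namespace": "airflow"},
     "rules": [{"apiGroups": [""], "resources": ["pods"],
                "verbs": ["create", "delete", "get", "list", "watch"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "view-constructed"},
     "rules": [{"apiGroups": [""], "resources": ["pods", "services"],
                "verbs": ["get", "list", "watch"]}]},
    {"kind": "Role", "metadata": {"name": "config-reader", "namespace": "airflow"},
     "rules": [{"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get", "list"]}]},
]

SAMPLE_BINDINGS = [
    # the executor itself needs pod access; expected and should stay
    {"kind": "RoleBinding", "metadata": {"name": "airflow-executor", "namespace": "airflow"},
     "roleRef": {"kind": "Role", "name": "airflow-pod-launcher"},
     "subjects": [{"kind": "ServiceAccount", "name": "airflow-scheduler", "namespace": "airflow"}]},
    # a human group with read-only view: can harvest tokens on unpatched versions
    {"kind": "RoleBinding", "metadata": {"name": "analysts-view", "namespace": "airflow"},
     "roleRef": {"kind": "ClusterRole", "name": "view-constructed"},
     "subjects": [{"kind": "Group", "name": "data-analysts"}]},
    # configmap-only access: not flagged
    {"kind": "RoleBinding", "metadata": {"name": "alice-config", "namespace": "airflow"},
     "roleRef": {"kind": "Role", "name": "config-reader"},
     "subjects": [{"kind": "User", "name": "alice"}]},
    # same ClusterRole bound in another namespace: out of scope for `airflow`
    {"kind": "RoleBinding", "metadata": {"name": "qa-view", "namespace": "staging"},
     "roleRef": {"kind": "ClusterRole", "name": "view-constructed"},
     "subjects": [{"kind": "Group", "name": "qa"}]},
]

if __name__ == "__main__":
    for subject, role in who_can_read_pods(SAMPLE_ROLES, SAMPLE_BINDINGS, "airflow"):
        print(f"{subject} can read pods via {role}")
```

Every subject this prints other than the executor's own service account is a principal that, on an unpatched deployment, could read task JWTs out of pod specs; those are the bindings to tighten or the users whose activity the Execution API log review should focus on.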

Evidence notes

CVE published 2026-06-01; NVD status Undergoing Analysis as of source capture. CWE-538 (Insertion of Sensitive Information into Externally-Accessible File or Directory) identified by Apache security team. Fix shipped in apache-airflow 3.2.2 via GitHub pull request 60108. Complementary provider-side fix previously released in apache-airflow-providers-cncf-kubernetes 10.17.0 per CVE-2026-27173.

Official resources

2026-06-01