CVE-2026-27173

8.7 HIGH

Published: May 19, 2026 Modified: May 19, 2026

Description

JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actions that were only available to running tasks via Task SDK and potentially allow to modify state of Airflow Database for tasks.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://github.com/apache/airflow/pull/60108

Source: security@apache.org

https://lists.apache.org/thread/pk3m2z4s2rkmc0v6gh9hnch9spc6stqw

Source: security@apache.org

http://www.openwall.com/lists/oss-security/2026/05/19/35

Source: af854a3a-2127-422b-91ae-364da2661108

3 reference(s) from NVD

Quick Stats

CVSS v3 Score

8.7 / 10.0

EPSS (Exploit Probability)

0.2%

5th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-538

Related CVEs

CVE-2026-48777 N/A

CVE-2026-47750 7.8

CVE-2026-47747 7.8

CVE-2026-46448 5.4

CVE-2026-22313 9.1