CVE-2025-65995 PUBLISHED

Apache Airflow: Disclosure of secrets to UI via kwargs

Assigner: apache
Reserved: 18.11.2025 Published: 21.02.2026 Updated: 21.02.2026

When a DAG failed during parsing, Airflow’s error-reporting in the UI could include the full kwargs passed to the operators. If those kwargs contained sensitive values (such as secrets), they might be exposed in the UI tracebacks to authenticated users who had permission to view that DAG.

The issue has been fixed in Airflow 3.1.4 and 2.11.1, and users are strongly advised to upgrade to prevent potential disclosure of sensitive information.

Product Status

Vendor	Apache Software Foundation
Product	Apache Airflow
Versions	Default: unaffected affected from 3.0.0 to 3.1.4 (excl.) affected from 0 to 2.11.1 (excl.)

Credits

Frieder Gottman (Cariad) finder
Jens Scheffler (Bosch) reporter
Jens Scheffler (Bosch) remediation developer

References

https://github.com/apache/airflow/pull/58252
https://lists.apache.org/thread/1qzlrjo2wmlzs0rrgzgslj2pzkor0dr2
https://github.com/apache/airflow/pull/61883

Problem Types

CWE-209 Generation of Error Message Containing Sensitive Information CWE