Ghostwire

CVE-2026-31987: JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. Users are advised to...

HIGH CVSS 7.5 Exploit Available

Published: April 16, 2026 | Last Modified: April 16, 2026

Description

JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. Users are advised to upgrade to Airflow version that contains fix. Users are recommended to upgrade to version 3.2.0, which fixes this issue.

Ghostwire Analysis — What This Means Practically

High CVSS score indicates significant risk — exploitation could lead to substantial data exposure or system compromise.
Exploit code is reported to be available, increasing the likelihood of active exploitation.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (2 articles)

References

www.tenable.com/cve/CVE-2026-31987
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2026-31987
nvd.nist.gov/vuln/detail/CVE-2026-31987
github.com/apache/airflow/issues/62428
github.com/apache/airflow/issues/62773
github.com/apache/airflow/pull/62964
lists.apache.org/thread/pvsrtxzwo9xy6xgknmwslv4zrw70kt6g
www.openwall.com/lists/oss-security/2026/04/16/7
github.com/advisories/GHSA-phv5-vq5p-qhp7