Apache Airflow
cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*
- < 2.11.1
Apache Airflow versions before 2.11.1 allow a DAG Author to manipulate the database so that arbitrary code runs in the web server context when a user views historical task information; the result is remote code execution on the web server. The flaw lies in the log template history feature. Airflow 2.11.1 disables that feature by default; with it disabled, logs written before the last log template change are no longer located automatically under their old file names.
Successful exploitation gives a DAG Author code execution on the web server. The payload is triggered by a user viewing historical task information in the web UI, so the attacker does not need web server access of their own.
Users are advised to upgrade to Apache Airflow 3. If that is not possible, upgrade to Airflow 2.11.1, where log template history is disabled by default; to read logs generated before the last log template change, rename those historical log files by hand so they match the current log template.
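A version check for this advisory, added here as an example (it is not code from this page or from the Apache Airflow project): it parses Airflow version strings including pre-release tags, evaluates the affected range as written on this page, and optionally reads the installed apache-airflow distribution version. Treating a leading "-" as an open lower bound, and ranking dev/a/b/rc builds below the final release of the same number, are assumptions of this example.

```python
"""Check whether an Apache Airflow version falls in the affected range (< 2.11.1)."""
import operator
import re
from importlib import metadata

# Range as given on the advisory page: no lower bound, everything before 2.11.1.
AFFECTED_RANGE = "- < 2.11.1"

# major.minor[.patch][tag[num]], e.g. 2.10.5, 2.11.1rc1, 2.11.1.dev0
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:[.\-]?(a|b|rc|dev)(\d+)?)?")
_OPS = {"<": operator.lt, "<=": operator.le, "==": operator.eq,
        ">": operator.gt, ">=": operator.ge}


def parse_version(text):
    """Return a comparable tuple (major, minor, patch, prerelease_rank, prerelease_num).

    Assumption: a pre-release (dev < a < b < rc) sorts below the final release of
    the same number, so 2.11.1rc1 is treated as older than 2.11.1 and therefore
    still inside the affected range.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch, tag, tagnum = m.groups()
    rank = {"dev": 0, "a": 1, "b": 2, "rc": 3}.get(tag, 4)  # 4 = final release
    return (int(major), int(minor), int(patch or 0), rank, int(tagnum or 0))


def version_in_range(version, spec):
    """True if `version` satisfies every comma-separated comparator in `spec`.

    Assumption: a leading "-" (as on the advisory page) means an open lower bound.
    """
    v = parse_version(version)
    spec = spec.strip()
    if spec.startswith("-"):
        spec = spec[1:]
    for clause in spec.split(","):
        clause = clause.strip()
        if not clause:
            continue
        m = re.match(r"^(<=|>=|==|<|>)\s*(\S+)$", clause)
        if not m:
            raise ValueError(f"unrecognised range clause: {clause!r}")
        op, bound = m.groups()
        if not _OPS[op](v, parse_version(bound)):
            return False
    return True


def is_affected(version):
    """True if the given Airflow version is inside this advisory's affected range."""
    return version_in_range(version, AFFECTED_RANGE)


def installed_airflow_version():
    """Version of the installed apache-airflow distribution, or None if absent."""
    try:
        return metadata.version("apache-airflow")
    except metadata.PackageNotFoundError:
        return None


if __name__ == "__main__":
    found = installed_airflow_version()
    if found is None:
        print("apache-airflow is not installed in this interpreter")
    else:
        state = "AFFECTED" if is_affected(found) else "not affected"
        print(f"apache-airflow {found}: {state} (range {AFFECTED_RANGE})")
```

Run it inside the interpreter that serves the Airflow web server, since that is the process this advisory concerns; a virtual environment elsewhere on the host may carry a different version. Release candidates of 2.11.1 are reported as affected because the page names the 2.11.1 release as the version that disables the feature.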