CVE-2026-40861 - Vulnerability Details

- Apache Airflow: Arbitrary File Read via Log Symlink following in FileTaskHandler

Description

A Dag author could either (a) create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process (read-path attack — e.g. `/etc/passwd` or `airflow.cfg`) or (b) supply a `task_id` containing `..` sequences accepted by the Task SDK's `KEY_REGEX` (write-path attack), and in both cases the FileTaskHandler resolves the log path outside the configured `base_log_folder`, leaking or overwriting arbitrary files. Only affects deployments where the worker log folder is shared with the API server. Users are advised to upgrade to `apache-airflow` 3.2.2 or later. As a defense-in-depth mitigation, deploy the worker and API server with separate log volumes so that worker-controlled paths cannot reach the API server's filesystem.

Published: 2026-06-01

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

A DAG author can create a symbolic link inside the task's log directory or supply a task_id that contains path traversal tokens. The FileTaskHandler then resolves the target file outside the configured base_log_folder, allowing the API server process to read or overwrite arbitrary files such as /etc/passwd or airflow.cfg. This flaw exposes confidential data and permits modification of system configuration, effectively compromising confidentiality and integrity of the deployment.

Affected Systems

Apache Airflow, published by the Apache Software Foundation. Deployments prior to version 3.2.2 are affected, particularly those that share the worker log folder with the API server. The issue does not affect isolated worker setups where the log volume is not accessible to the API server.

Risk and Exploitability

The vulnerability can be exploited by any actor who can author or modify a DAG, which often requires administrative permissions. No public Exploit Probability Score (EPSS) is available and the flaw is not listed in the CISA KEV catalog, but the CVSS is not disclosed. The attack path requires the ability to create files in the worker log directory and to trigger a task run that resolves the path, making the risk high in environments where DAG authors are trusted but the log volume is shared.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Apache Software Foundation

Apache Airflow

unaffected

Version	Status	Constraints
`0`	affected	< 3.2.2

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Patch Apache Airflow to version 3.2.2 or later.
Deploy the worker and API server with separate, non‑shared log directories so that symlinks created by workers cannot reach the API server’s filesystem.
Limit DAG author privileges so that only trusted users can create DAGs or specify task_id values that could contain path traversal sequences.

Generated by OpenCVE AI on June 1, 2026 at 10:26 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://github.com/apache/airflow/pull/65325
https://lists.apache.org/thread/823334db2559xjlwt59gpzjz47thnscl

History

Mon, 01 Jun 2026 09:15:00 +0000

Type	Values Removed	Values Added
Description		A Dag author could either (a) create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process (read-path attack — e.g. `/etc/passwd` or `airflow.cfg`) or (b) supply a `task_id` containing `..` sequences accepted by the Task SDK's `KEY_REGEX` (write-path attack), and in both cases the FileTaskHandler resolves the log path outside the configured `base_log_folder`, leaking or overwriting arbitrary files. Only affects deployments where the worker log folder is shared with the API server. Users are advised to upgrade to `apache-airflow` 3.2.2 or later. As a defense-in-depth mitigation, deploy the worker and API server with separate log volumes so that worker-controlled paths cannot reach the API server's filesystem.
Title		Apache Airflow: Arbitrary File Read via Log Symlink following in FileTaskHandler
Weaknesses		CWE-59
References		https://github.com/apache/airflow/pull/65325 https://lists.apache.org/thread/823334db2559xjlwt59gpzjz47thnscl

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2026-06-01T07:55:37.566Z

Updated: 2026-06-01T09:52:20.189Z

Reserved: 2026-04-15T13:58:24.192Z

Link: CVE-2026-40861

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-01T09:16:17.893

Modified: 2026-06-01T09:16:17.893

Link: CVE-2026-40861

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-01T10:30:26Z

Weaknesses

CWE-59

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object