CVE-2026-33858
Published: 13 April 2026
Description
Dag Authors, who normally should not be able to execute code in the webserver context, could craft an XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, the severity of this issue is Low. Users are recommended to upgrade to Apache Airflow 3.2.0, which resolves this issue.
Mitigating Controls (NIST 800-53 r5) [AI]
- Flaw remediation: requires timely identification, reporting, and correction of the deserialization flaw in Apache Airflow by patching to version 3.2.0.
- Input validation: mandates validation of XCom payloads at deserialization points so that malicious payloads cannot be processed into arbitrary code execution.
- Vulnerability scanning: identifies deserialization weaknesses such as CWE-502 in the Airflow webserver for proactive remediation.
Security Summary [AI]
CVE-2026-33858 is a deserialization vulnerability (CWE-502) in Apache Airflow versions prior to 3.2.0, published on 2026-04-13. It allows Dag Authors, who typically lack permissions to execute code in the webserver context, to craft malicious XCom payloads that trigger arbitrary code execution on the webserver. Despite the high CVSS v3.1 score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), the issue is rated low severity due to the high trust already placed in Dag Authors.
An attacker with Dag Author privileges can exploit this remotely over the network with low complexity and no user interaction required. By pushing a specially crafted XCom payload, they achieve full remote code execution on the Airflow webserver, potentially compromising confidentiality, integrity, and availability of the system.
Apache Airflow advisories recommend upgrading to version 3.2.0, which resolves the vulnerability. Relevant discussions and the fixing pull request are available at https://github.com/apache/airflow/pull/64148, https://lists.apache.org/thread/1npt3o2x81s0gw9tmfcv4n7p1z9hdmy0, and http://www.openwall.com/lists/oss-security/2026/04/13/7.
Details
- CWE(s): CWE-502 (Deserialization of Untrusted Data)
- Affected Products: Apache Airflow, versions prior to 3.2.0
MITRE ATT&CK Enterprise Techniques [AI]
Why these techniques?
Deserialization vulnerability (CWE-502) enables remote authenticated (PR:L) attackers to achieve arbitrary RCE on the webserver via crafted XCom payloads, directly facilitating T1190 (Exploit Public-Facing Application) and T1068 (Exploitation for Privilege Escalation).