Apache Airflow maintainers have disclosed a serious security issue, tracked as CVE-2025-54831, that allows users holding only read permissions to view sensitive connection details via both the Airflow API and web interface. The vulnerability, present in Airflow version 3.0.3, undermines the platform’s intended “write-only” treatment of secrets in Connections and could lead to unauthorized exposure […] The post Apache Airflow Vulnerability Lets Read-Only Users Access Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/apache-airflow-vulnerability/
