The maintainers of Apache Airflow, the industry-standard platform for programmatic workflow authoring, have released a crucial security update to plug leaks that could expose sensitive credentials to authenticated users. The release of version 3.1.4 addresses two distinct vulnerabilities where the application’s user interface (UI) inadvertently displayed secret values that should have been redacted.
The more severe of the two issues (CVE-2025-65995), rated as Moderate severity, involves how Airflow handles error reporting during DAG (Directed Acyclic Graph) parsing failures.
When a DAG fails to parse, the system generates a traceback to help developers debug the issue. However, researchers found that this report was too detailed for its own good. “Airflow’s error-reporting in the UI could include the full kwargs passed to the operators,” the advisory explains.
The danger lies in what those arguments contain. “If those kwargs contained sensitive values (such as secrets), they might be exposed in the UI tracebacks to authenticated users who had permission to view that DAG.” This essentially means a developer debugging a failed workflow could accidentally view API keys or passwords belonging to a different part of the infrastructure.
A second vulnerability (CVE-2025-66388), rated as Low severity, was found in how the platform renders templates. In complex workflows, templates are often used to dynamically generate commands, but they sometimes need to handle sensitive variables.
According to the report, “A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in rendered templates due to secrets not being properly redacted”. This failure in the redaction mechanism effectively broke the authorization boundary, “potentially exposing secrets to users without the appropriate authorization”.
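Both issues come down to the same defensive rule: anything that reaches the UI (a parse-failure traceback carrying operator kwargs, or a rendered template) must pass through a redactor first. The standalone Python below is an added illustration, not Airflow's own code and not the secrets masker it ships; the key-name pattern, the `$`-style template stand-in for Jinja, the sample kwargs and the secret strings are all constructed for this example. It reproduces the leaky and the redacted forms of both reports, and `find_leaks` is the kind of check an administrator can run over captured UI text to confirm nothing sensitive survives.

```python
"""Standalone illustration of kwargs / rendered-template redaction.

Added example: this is NOT Airflow's secrets masker. It shows the two
leak paths described above and a redactor that closes both of them.
"""
from __future__ import annotations

import re
from string import Template
from typing import Any

MASK = "***"
# Key names that normally carry secrets (constructed list for this example;
# a real deployment would make this configurable).
SENSITIVE_KEY = re.compile(r"password|passwd|secret|token|api[_-]?key|private[_-]?key", re.I)


def redact(obj: Any, known_secrets: frozenset[str] = frozenset(), key_name: str = "") -> Any:
    """Return a copy of obj with secret values replaced by MASK.

    Rule 1: a value stored under a sensitive-looking key is masked whole.
    Rule 2: any known secret value embedded in a string is masked, so a
            rendered template or a header that merely contains the secret
            is also safe to display.
    """
    if SENSITIVE_KEY.search(key_name):
        return MASK
    if isinstance(obj, dict):
        return {k: redact(v, known_secrets, str(k)) for k, v in obj.items()}
    if isinstance(obj, (list, tuple)):
        return type(obj)(redact(v, known_secrets, key_name) for v in obj)
    if isinstance(obj, str):
        for secret in known_secrets:
            if secret:
                obj = obj.replace(secret, MASK)
        return obj
    return obj  # ints, None, etc. pass through unchanged


def find_leaks(text: str, known_secrets: frozenset[str]) -> set[str]:
    """Which known secrets appear verbatim in text? An empty set means clean."""
    return {s for s in known_secrets if s in text}


def build_parse_error_report(dag_id: str, operator: str, kwargs: dict, exc: Exception,
                             known_secrets: frozenset[str] = frozenset(),
                             *, safe: bool = True) -> str:
    """Text a UI might show for a DAG parse failure.

    safe=False reproduces the leaky behaviour (full kwargs in the report);
    safe=True redacts the kwargs before they are formatted.
    """
    shown = redact(kwargs, known_secrets) if safe else kwargs
    return f"DAG {dag_id!r}: {operator} failed: {exc}\n  kwargs={shown!r}"


def render_for_ui(template: str, context: dict, known_secrets: frozenset[str],
                  *, safe: bool = True) -> str:
    """Render a $-style template (stand-in for Jinja) and optionally redact it."""
    rendered = Template(template).substitute(context)
    return redact(rendered, known_secrets) if safe else rendered


# --- constructed sample data (not real credentials) ---
KNOWN_SECRETS = frozenset({"sk-live-CONSTRUCTED-1234", "CONSTRUCTED-TOKEN-abcd"})
SAMPLE_KWARGS = {
    "task_id": "push_metrics",
    "endpoint": "https://metrics.example.internal/ingest",
    "api_key": "sk-live-CONSTRUCTED-1234",
    "headers": {"Authorization": "Bearer CONSTRUCTED-TOKEN-abcd"},
    "retries": 3,
}
SAMPLE_TEMPLATE = "curl -H 'X-Key: $api_key' $endpoint"

if __name__ == "__main__":
    err = ValueError("unknown argument 'retrys'")
    leaky = build_parse_error_report("metrics_dag", "HttpOperator", SAMPLE_KWARGS, err, safe=False)
    fixed = build_parse_error_report("metrics_dag", "HttpOperator", SAMPLE_KWARGS, err, KNOWN_SECRETS)
    print("leaky report exposes:", find_leaks(leaky, KNOWN_SECRETS))
    print("fixed report exposes:", find_leaks(fixed, KNOWN_SECRETS))
    print(render_for_ui(SAMPLE_TEMPLATE, SAMPLE_KWARGS, KNOWN_SECRETS))
```

The two rules matter separately: masking by key name alone would still show the `Authorization` header value, and masking by known value alone would miss a secret the masker was never told about, which is why both are applied on every string that heads for the UI.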
Both vulnerabilities affect versions of Apache Airflow prior to 3.1.4. The development team has patched both leak vectors in the latest release.
Administrators are urged to update their instances immediately.