CVE-2025-65995: CWE-209 Generation of Error Message Containing Sensitive Information in Apache Software Foundation Apache Airflow
When a DAG failed during parsing, Airflow’s error-reporting in the UI could include the full kwargs passed to the operators. If those kwargs contained sensitive values (such as secrets), they might be exposed in the UI tracebacks to authenticated users who had permission to view that DAG. The issue has been fixed in Airflow 3.1.4 and 2.11.1, and users are strongly advised to upgrade to prevent potential disclosure of sensitive information.
AI Analysis
Technical Summary
CVE-2025-65995 is a vulnerability classified under CWE-209 (Generation of Error Message Containing Sensitive Information) affecting Apache Airflow, an open-source platform used for programmatically authoring, scheduling, and monitoring workflows (DAGs). When a DAG fails during parsing, Airflow’s error reporting mechanism in the UI would display the full keyword arguments (kwargs) passed to operators involved in the DAG. These kwargs could contain sensitive information such as passwords, API keys, or other secrets. Because the error tracebacks are visible to authenticated users who have permission to view the DAG, this leads to unintended exposure of confidential data. The vulnerability affects Airflow versions 3.0.0 and earlier, specifically fixed in versions 3.1.4 and 2.11.1. The CVSS v3.1 base score is 6.5 (medium severity), with an attack vector of network (remote), low attack complexity, requiring privileges (authenticated user with DAG view rights), no user interaction, and high impact on confidentiality but no impact on integrity or availability. No known exploits have been reported in the wild. The root cause is insufficient sanitization or filtering of sensitive data in error messages displayed in the UI, violating secure error handling best practices.
Potential Impact
The primary impact of this vulnerability is the potential disclosure of sensitive information such as secrets, credentials, or configuration parameters embedded in DAG operator kwargs. This can lead to unauthorized access to critical systems or data if attackers or unauthorized insiders gain access to these secrets. Since the vulnerability requires authenticated access with DAG view permissions, the risk is limited to users who already have some level of access to the Airflow environment. However, in environments where many users have DAG viewing rights or where Airflow is exposed to a large user base, the risk of sensitive data leakage increases. This could facilitate further attacks such as privilege escalation, lateral movement, or data exfiltration. The vulnerability does not affect system integrity or availability directly but compromises confidentiality, which is critical in environments handling sensitive workflows and data pipelines.
Mitigation Recommendations
Organizations should upgrade Apache Airflow to version 3.1.4 or 2.11.1 or later where this vulnerability is fixed. Until upgrading, administrators should audit and minimize the exposure of sensitive information in DAG kwargs, avoiding embedding secrets directly in operator parameters. Implement strict access controls to limit DAG viewing permissions only to trusted users. Additionally, consider enabling logging and monitoring to detect unusual access patterns to Airflow UI error pages. Employ secret management solutions external to Airflow to avoid hardcoding secrets in DAG definitions. Review and sanitize error reporting configurations to ensure sensitive data is not exposed in logs or UI. Regularly review Airflow configurations and user permissions to reduce the attack surface.
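One way to act on the audit recommendation above is a pre-commit style check over the DAG repository. The following is an added example, not Airflow's own code and not part of the advisory: it parses DAG files with Python's standard-library ast module (so it runs without Airflow installed) and flags operator kwargs whose names look like credentials and whose values are string literals baked into the DAG file, including one level down inside dict arguments such as op_kwargs. The keyword-name pattern, the two DAG sources and the operator calls in them are constructed for the demo; values that resolve at run time from Airflow Variables or Connections (Jinja-templated strings, conn_id references) are deliberately not flagged.

```python
from __future__ import annotations

import ast
import re
from dataclasses import dataclass

# Keyword names that commonly carry credentials. This pattern is an assumption
# for the example; extend it to match your own naming conventions.
SENSITIVE_KW = re.compile(
    r"(password|passwd|secret|token|api_key|apikey|access_key|private_key)", re.I
)


@dataclass(frozen=True)
class Finding:
    lineno: int   # line in the DAG file where the literal value appears
    call: str     # operator / function being called
    keyword: str  # kwarg path, e.g. "password" or "op_kwargs['api_key']"


def _call_name(node: ast.Call) -> str:
    func = node.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return func.attr
    return "<call>"


def _is_literal_secret(value: ast.expr) -> bool:
    """True when the value is a string baked into the DAG file itself.

    Jinja templates such as "{{ var.value.api_key }}" are resolved at run time
    from Variables/Connections, so they are not treated as hard-coded secrets.
    """
    if isinstance(value, ast.Constant) and isinstance(value.value, str):
        return value.value != "" and "{{" not in value.value
    # f-strings are assembled in the DAG file too, so treat them as literals.
    return isinstance(value, ast.JoinedStr)


def audit_dag_source(source: str) -> list[Finding]:
    """Parse DAG source and report sensitive-looking kwargs given literal values."""
    findings: list[Finding] = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        call = _call_name(node)
        for kw in node.keywords:
            if kw.arg is None:  # **spread: contents are not visible statically
                continue
            if SENSITIVE_KW.search(kw.arg) and _is_literal_secret(kw.value):
                findings.append(Finding(kw.value.lineno, call, kw.arg))
            elif isinstance(kw.value, ast.Dict):
                # Secrets often hide one level down, e.g. op_kwargs={"api_key": "..."}
                for key, val in zip(kw.value.keys, kw.value.values):
                    if (
                        isinstance(key, ast.Constant)
                        and isinstance(key.value, str)
                        and SENSITIVE_KW.search(key.value)
                        and _is_literal_secret(val)
                    ):
                        findings.append(Finding(val.lineno, call, f"{kw.arg}[{key.value!r}]"))
    return sorted(findings, key=lambda f: f.lineno)


# Constructed DAG sources for the demo. They are only parsed, never executed,
# so Airflow does not need to be installed and the names need not resolve.
BAD_DAG = """\
from airflow import DAG
from airflow.operators.python import PythonOperator

with DAG("nightly_export") as dag:
    export = PythonOperator(
        task_id="export",
        python_callable=run_export,
        op_kwargs={"api_key": "sk-live-EXAMPLE-NOT-REAL"},
    )
    load = PostgresOperator(task_id="load", sql="SELECT 1", password="hunter2")
"""

GOOD_DAG = """\
from airflow import DAG
from airflow.operators.python import PythonOperator

with DAG("nightly_export") as dag:
    export = PythonOperator(
        task_id="export",
        python_callable=run_export,
        op_kwargs={"api_key": "{{ var.value.export_api_key }}"},
    )
    load = PostgresOperator(task_id="load", sql="SELECT 1", postgres_conn_id="warehouse")
"""


if __name__ == "__main__":
    for name, src in (("BAD_DAG", BAD_DAG), ("GOOD_DAG", GOOD_DAG)):
        hits = audit_dag_source(src)
        print(f"{name}: {len(hits)} finding(s)")
        for f in hits:
            print(f"  line {f.lineno}: {f.call}(... {f.keyword}=<literal> ...)")
```

Run it over the dags/ directory in CI before deployment. A literal caught this way is exactly the kind of value the affected versions could echo into a parse-error traceback, so moving it into a Variable, Connection or external secrets backend reduces exposure even before the upgrade; it complements the move to 3.1.4 / 2.11.1 rather than replacing it.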
Affected Countries
United States, Germany, United Kingdom, France, India, Canada, Australia, Japan, Netherlands, Brazil
Technical Details
- Data Version: 5.2
- Assigner Short Name: apache
- Date Reserved: 2025-11-18T21:39:26.985Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 699923b9be58cf853b17289f
Added to database: 2/21/2026, 3:17:13 AM
Last enriched: 3/9/2026, 12:41:34 AM
Last updated: 4/7/2026, 1:36:59 PM
Views: 144