CVE-2025-54941 | Apache Airflow up to 3.0.4 example_dag_decorator command injection

October 30, 2025 Yanac

A vulnerability described as critical has been identified in Apache Airflow up to 3.0.4. This impacts the function example_dag_decorator. Such manipulation leads to command injection.

This vulnerability is uniquely identified as CVE-2025-54941. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More

CVE-2025-5803 | VikBooking Hotel Booking Engine & PMS Plugin up to 1.8.2 on WordPress authorization
CVE-2025-54459 | Vertikal Systems Hospital Manager Backend Services /trace.axd exposure of sensitive system information to an unauthorized control sphere (icsma-25-301-01)