CVE-2025-62402 | Apache Airflow up to 3.1.0 API /api/v2/dagReports code injection

A vulnerability, which was classified as critical, has been found in Apache Airflow up to 3.1.0. This affects an unknown part of the file /api/v2/dagReports of the component API. This manipulation causes code injection.

This vulnerability is handled as CVE-2025-62402. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More