CVE-2026-33858 | Apache Airflow up to 3.1.x deserialization (EUVD-2026-21978)

A vulnerability marked as critical has been reported in Apache Airflow up to 3.1.x. The affected element is an unknown function. Performing a manipulation results in deserialization.

This vulnerability is known as CVE-2026-33858. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More