CVE-2026-41016 | Apache Airflow Providers SMTP up to 2.x Self-Signed Certificate smtplib.SMTP.starttls certificate validation

A vulnerability identified as critical has been detected in Apache Airflow Providers SMTP up to 2.x. The impacted element is the function smtplib.SMTP.starttls of the component Self-Signed Certificate Handler. The manipulation leads to improper certificate validation.

This vulnerability is uniquely identified as CVE-2026-41016. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More