CVE-2026-40963 | Apache Airflow up to 3.2.1 structure_data authorization

A vulnerability classified as problematic has been found in Apache Airflow up to 3.2.1. Affected by this issue is some unknown functionality of the file /ui/structure/structure_data. This manipulation causes authorization bypass.

This vulnerability is registered as CVE-2026-40963. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More