VYPR
Moderate severityNVD Advisory· Published Mar 9, 2026· Updated Mar 9, 2026

Apache Airflow AWS Auth Manager - Host Header Injection Leading to SAML Authentication Bypass

CVE-2026-25604

Description

In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed to gain access to different instances with potentially different access controls by reusing SAML response from other instances.

You should upgrade to 9.22.0 version of provider if you use AWS Auth Manager.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
apache-airflow-providers-amazonPyPI
< 9.22.09.22.0

Affected products

5

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.