VYPR
High severity · NVD Advisory · Published Mar 17, 2026 · Updated Mar 17, 2026

Apache Airflow: Wildcard DagVersion Listing Bypasses Per‑DAG RBAC and Leaks Metadata

CVE-2026-26929

Description

In Apache Airflow versions 3.0.0 through 3.1.7, the FastAPI DagVersion listing API does not apply per-DAG authorization filtering when the request is made with dag_id set to "~" (the wildcard for all DAGs). As a result, version metadata of DAGs that the requester is not authorized to access is returned.

Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

The FastAPI DagVersion listing API in Apache Airflow 3.0.0–3.1.7 bypasses per-DAG authorization when the wildcard dag_id "~" is used, leaking version metadata of DAGs the requester is not authorized to see.

Vulnerability

CVE-2026-26929 is an authorization bypass vulnerability in Apache Airflow versions 3.0.0 through 3.1.7. The FastAPI DagVersion listing API fails to apply per-DAG authorization filtering when the request is made with dag_id set to "~" (a wildcard representing all DAGs). This means that the API returns version metadata for DAGs even when the requester does not have the necessary permissions to access those specific DAGs [2][4].

Exploitation

An attacker can exploit this vulnerability by sending a request to the DagVersion listing API with dag_id="~". No special privileges are required beyond having access to the API endpoint, as the authorization check is simply skipped for the wildcard case. The attacker does not need to be authenticated as an administrator; any user with network access to the Airflow API can potentially enumerate version metadata of all DAGs in the environment [2][4].

Impact

Successful exploitation allows an attacker to retrieve version metadata of DAGs they are not authorized to view. This information could include version numbers, timestamps, and other metadata that may reveal sensitive details about the workflow definitions and their evolution. While this is a low-severity issue, it violates the principle of least privilege and could aid in further reconnaissance [2][4].

Mitigation

The vulnerability is fixed in Apache Airflow 3.1.8. Users running versions 3.0.0 through 3.1.7 should upgrade to 3.1.8 or later. The fix was implemented in pull request #61675, which ensures that per-DAG authorization is enforced even when the wildcard "~" is used [3][4]. No workarounds are documented; upgrading is the recommended action.
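The defect and the fix, reduced to a self-contained model. This is an added example, not Apache Airflow's code: the in-memory version store, the per-user permission table and every function name are hypothetical stand-ins, chosen only to show why a wildcard selector must still be filtered against the caller's permitted DAG set.

```python
from dataclasses import dataclass

WILDCARD = "~"  # Airflow's "all DAGs" selector, as named in the advisory

@dataclass(frozen=True)
class DagVersion:
    dag_id: str
    version_number: int
    created_at: str

# Constructed sample data: one DAG (payroll) is restricted to admins.
DAG_VERSIONS = [
    DagVersion("etl_daily", 1, "2026-01-05T00:00:00Z"),
    DagVersion("etl_daily", 2, "2026-02-01T00:00:00Z"),
    DagVersion("payroll", 1, "2026-01-10T00:00:00Z"),
    DagVersion("reports", 1, "2026-03-01T00:00:00Z"),
]

# Constructed per-user DAG read grants (stand-in for the auth manager).
USER_DAG_READ = {
    "analyst": {"etl_daily", "reports"},
    "admin": {"etl_daily", "payroll", "reports"},
}

def authorized_dag_ids(user):
    return USER_DAG_READ.get(user, set())

def list_dag_versions_vulnerable(user, dag_id):
    """Models the defect: a concrete dag_id is checked, but the
    wildcard path returns every version without per-DAG filtering."""
    if dag_id == WILDCARD:
        return list(DAG_VERSIONS)  # BUG: authorization filter skipped
    if dag_id not in authorized_dag_ids(user):
        raise PermissionError(dag_id)
    return [v for v in DAG_VERSIONS if v.dag_id == dag_id]

def list_dag_versions_fixed(user, dag_id):
    """Hardened form: resolve the caller's permitted DAG set first and
    filter against it on every path, the wildcard included."""
    allowed = authorized_dag_ids(user)
    if dag_id == WILDCARD:
        return [v for v in DAG_VERSIONS if v.dag_id in allowed]
    if dag_id not in allowed:
        raise PermissionError(dag_id)
    return [v for v in DAG_VERSIONS if v.dag_id == dag_id]

def leaked_dag_ids(user):
    """DAG ids the vulnerable wildcard listing exposes beyond the grants."""
    exposed = {v.dag_id for v in list_dag_versions_vulnerable(user, WILDCARD)}
    return sorted(exposed - authorized_dag_ids(user))
```

Running `leaked_dag_ids("analyst")` against the constructed data returns `["payroll"]` for the vulnerable listing, while the fixed listing returns only the two DAGs the analyst is granted.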

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package                 Affected versions      Patched versions
apache-airflow (PyPI)   >= 3.0.0, < 3.1.8      3.1.8

Affected products

  • Apache/Airflow [llm-fuzzy]
    Range: >=3.0.0, <=3.1.7
  • Apache Software Foundation/Apache Airflow [v5]
    Range: 3.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References


News mentions

No linked articles in our index yet.