High severity7.5NVD Advisory· Published Apr 18, 2026· Updated Apr 21, 2026
CVE-2026-30912
CVE-2026-30912
Description
In case of SQL errors, exception/stack trace of errors was exposed in API even if "api/expose_stack_traces" was set to false. That could lead to exposing additional information to potential attacker. Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
apache-airflow-corePyPI | < 3.2.0 | 3.2.0 |
Affected products
3- osv-coords2 versions
< 3.2.0+ 1 more
- (no CPE)range: < 3.2.0
- (no CPE)range: < 3.2.0
Patches
Vulnerability mechanics
References
6- www.openwall.com/lists/oss-security/2026/04/17/5nvdMailing ListThird Party AdvisoryWEB
- github.com/advisories/GHSA-w7cf-2pmc-5m4cghsaADVISORY
- lists.apache.org/thread/tp6kz1hnfb3zsrrtg19myo8x5x80w8r9nvdVendor AdvisoryMailing ListWEB
- nvd.nist.gov/vuln/detail/CVE-2026-30912ghsaADVISORY
- github.com/apache/airflow/pull/63028nvdIssue TrackingWEB
- github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2026-18.yamlghsaWEB
News mentions
0No linked articles in our index yet.