Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3087 articles · 172021 vulns · 37/41 feeds (7d)
← Back to list
9.8
CVE-2026-33264EXPLOITEDPATCHED
apache software foundation · apache airflow

Apache Airflow: DAG author RCE on webserver via unrestricted import_string() in BaseSerialization.deserialize()

Description

A bug in `BaseSerialization.deserialize()` allowed unrestricted `import_string()` of attacker-controlled class paths when the Scheduler / API Server loaded a serialized DAG: a DAG author could embed a malicious trigger into a DAG to gain remote code execution on the API Server / Scheduler process, crossing the Airflow security boundary that DAG-author code must never execute in those processes. Users are advised to upgrade to `apache-airflow` 3.3.0 or later. As a defense-in-depth mitigation, deployments where DAG-author trust is limited can restrict the `[core] allowed_deserialization_classes` config to a narrow allowlist.

Affected Products

VendorProductVersions
apache software foundationapache airflow0

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
apacheairflowcert_advisory90%

References

  • https://github.com/apache/airflow/pull/66002(patch)
  • https://github.com/apache/airflow/pull/68528(patch)
  • https://lists.apache.org/thread/otvdw8qt2y7xy2n5nq9xby9ky4rf5ltj(vendor-advisory)

Related News (3 articles)

Tier B
BSI Advisories9h ago
[NEU] [mittel] Apache Airflow: Mehrere Schwachstellen
→ No new info (linked only)
Tier C
oss-security10h ago
CVE-2026-33264: Apache Airflow: DAG author RCE on webserver via unrestricted import_string() in BaseSerialization.deserialize()
→ No new info (linked only)
Tier C
VulDB10h ago
CVE-2026-33264 | Apache Airflow up to 3.2.x Trigger BaseSerialization.deserialize deserialization
→ No new info (linked only)
CVSS 3.19.8 CRITICAL
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
3.3.0
CWECWE-502
PublishedJul 7, 2026
Last enriched3h agov3
Trending Score77
Source articles3
Independent3
Info Completeness9/14
Missing: cvss, epss, kev, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

MEDIUMCVE-2026-48892EXP
Apache Airflow: Config API leaks per-key secrets backend kwargs - masker bypass on synthetic options
Trending: 56
MEDIUMCVE-2026-48828EXP
Apache Airflow: Bulk JSON Variables bypass should_hide_value_for_key - redact() called without the key
Trending: 56
NONECVE-2026-49487EXP
Apache Airflow: Task-instance API exposes secrets in deferred trigger kwargs
Trending: 53
MEDIUMCVE-2026-48891EXP
Apache Airflow: /ui/dependencies scheduling graph leaks unreadable Dag identifiers via trigger/sensor dep.source/dep.target
Trending: 52
CRITICALCVE-2026-53913
Apache Camel Keycloak: KeycloakSecurityPolicy verifies the bearer access token only inside its role and permission checks, so in the default configuration the token is never verified and any non-null bearer value is accepted
Trending: 44

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 7, 2026
Discovered by ZDM
Jul 7, 2026
Updated: severity, affectedVersions, activelyExploited
Jul 7, 2026
Updated: severity, exploitAvailable
Jul 7, 2026
Actively Exploited
Jul 7, 2026
Exploit Available
Jul 7, 2026
Patch Available
Jul 7, 2026

Version History

v3
Last enriched 3h ago
v3Tier C9h ago

Updated severity from CRITICAL to HIGH and marked exploit as available.

severityexploitAvailable
via oss-security
v2Tier C10h ago

Updated severity to CRITICAL, added affected versions 3.2.x, and noted that there is no exploit available.

severityaffectedVersionsactivelyExploited
via VulDB
v110h ago

Initial creation