CVE-2026-25917 | Apache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5)

Start your free trial today.

Protect your organization with cutting-edge cybersecurity solutions designed for resilience and efficiency. Secure your digital assets with confidence.

Your Shield Against Threats

Unleash the Power of Cybersecurity

Boost Your Security, Enhance Your Business

We solve Your Cyber Challenges

Quick Links

Home
About
Why Deepaegis?
Contact Us

Resources

Blogs
Advisories

Deepaegis Portals

Solution
Documentation
Help & Support

CVE-2026-25917 | Apache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5)

Vulnerability Advisory : Apache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5) with undefined Attack Complexity