VDB
CVE-2026-24098
CVE-2026-24098
PUBLISHED
Apache Airflow: Assigning single DAG permission leaked all DAGs Import Errors
EPSS 0.01% · 2.7th percentile
Risk Scores
EPSS Score
0.01%
2.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | airflow | 0, 0, 0 |
| Bitnami | airflow | 0 |
Exploit Intelligence
- CIRCL seen: CVE-2026-24098 (circl-sighting)
- CIRCL seen: CVE-2026-24098 (circl-sighting)
- http://www.openwall.com/lists/oss-security/2026/02/09/3 (circl)
- https://github.com/apache/airflow/pull/60801 (circl)
- https://lists.apache.org/thread/nx96435v77xdst7ls5lk57kqvqyj095x (circl)
Timeline
- Feb 9, 2026 CVE Published
- Feb 9, 2026 EPSS Score
- Feb 9, 2026 PoC Published
- Feb 9, 2026 PoC Published
- Feb 11, 2026 CVE Updated
- Feb 11, 2026 EPSS Score
- Feb 13, 2026 EPSS Score
- Feb 15, 2026 EPSS Score
- Feb 17, 2026 EPSS Score
- Feb 19, 2026 EPSS Score
- Feb 21, 2026 EPSS Score
- Feb 23, 2026 EPSS Score