Cyber Posture

CVE-2026-33858

High · RCE

Published: 13 April 2026
Modified: 17 April 2026
KEV Added: not listed
Patch: Apache Airflow 3.2.0
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0020 (41.9th percentile)
Risk Priority: 18 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-33858 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Apache Airflow. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks this CVE at the 41.9th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique.
What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) [AI-generated]

- Prevent: Directly requires timely identification, reporting, and correction of the deserialization flaw in Apache Airflow via patching to version 3.2.0.
- Prevent (SI-10, Information Input Validation): Mandates validation of XCom payloads at deserialization points to prevent processing of malicious payloads leading to arbitrary code execution.
- Prevent (RA-5, Vulnerability Monitoring and Scanning): Vulnerability scanning identifies deserialization vulnerabilities like CWE-502 in the Airflow webserver for proactive remediation.

MITRE ATT&CK Enterprise Techniques [AI-generated]

- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
- T1068 Exploitation for Privilege Escalation (Privilege Escalation): Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The deserialization vulnerability (CWE-502) lets remote authenticated (PR:L) attackers achieve arbitrary RCE on the webserver via crafted XCom payloads, which maps directly to T1190 (Exploit Public-Facing Application) and T1068 (Exploitation for Privilege Escalation).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

Dag Authors, who normally should not be able to execute code in the webserver context, could craft an XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, the severity of this issue is Low. Users are recommended to upgrade to Apache Airflow 3.2.0, which resolves this issue.

Deeper analysis [AI-generated]

CVE-2026-33858 is a deserialization vulnerability (CWE-502) in Apache Airflow versions prior to 3.2.0, published on 2026-04-13. It allows Dag Authors, who typically lack permission to execute code in the webserver context, to craft malicious XCom payloads that trigger arbitrary code execution on the webserver. Despite the high CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), the project rates the issue Low severity because Dag Authors are already highly trusted.

An attacker with Dag Author privileges can exploit this remotely over the network with low complexity and no user interaction required. By pushing a specially crafted XCom payload, they achieve full remote code execution on the Airflow webserver, potentially compromising confidentiality, integrity, and availability of the system.

Apache Airflow advisories recommend upgrading to version 3.2.0, which resolves the vulnerability. Relevant discussions and the fixing pull request are available at https://github.com/apache/airflow/pull/64148, https://lists.apache.org/thread/1npt3o2x81s0gw9tmfcv4n7p1z9hdmy0, and http://www.openwall.com/lists/oss-security/2026/04/13/7.

Details

CWE(s): CWE-502 (Deserialization of Untrusted Data)

Affected Products: apache / airflow, versions 3.1.8 — 3.2.0

CVEs Like This One

- CVE-2026-25917 (same product: Apache Airflow)
- CVE-2024-56373 (same product: Apache Airflow)
- CVE-2025-66236 (same product: Apache Airflow)
- CVE-2026-32228 (same product: Apache Airflow)
- CVE-2026-30912 (same product: Apache Airflow)
- CVE-2026-30911 (same product: Apache Airflow)
- CVE-2026-30898 (same product: Apache Airflow)
- CVE-2025-68438 (same product: Apache Airflow)
- CVE-2025-54550 (same product: Apache Airflow)
- CVE-2026-31987 (same product: Apache Airflow)
