CVE-2026-59245 in Airflow
Summary
by MITRE • 07/13/2026
In the Apache Airflow FAB auth manager, a DAG whose `dag_id` is `DAGs` collided with the global all-DAGs permission resource name produced by `resource_name()`, so a user granted per-DAG `access_control` on that one DAG was silently granted the global all-DAGs permission (privilege escalation). The escalation triggers when a DAG named `DAGs` exists and a lower-privileged user is given per-DAG access to it, granting that user read/edit access to every DAG. Users are advised to upgrade to `apache-airflow-providers-fab` 3.7.2 or later, which disambiguates the resource-name collision.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 07/13/2026
The vulnerability exists within the Apache Airflow Fabric Authentication and Authorization Manager where a specific naming collision creates an unexpected privilege escalation path. This flaw occurs when a DAG is named `DAGs`, which directly conflicts with the global all-DAGs permission resource name generated by the `resource_name()` function. The technical implementation fails to distinguish between the singular DAG named `DAGs` and the collective all-DAGs resource, creating an ambiguous authorization state that allows unauthorized access.
This vulnerability represents a classic case of improper access control where the system's resource naming convention creates an unintended overlap in permission boundaries. The flaw operates at the authorization layer, specifically affecting how the FAB (Flask App Builder) authentication manager processes and validates access control lists. When a user is granted per-DAG access to a DAG named `DAGs`, the system incorrectly maps this permission to the global all-DAGs resource, effectively granting the user administrative privileges across all DAGs in the system.
The operational impact of this vulnerability is severe as it enables silent privilege escalation without any explicit indication to administrators or users. A lower-privileged user who gains access to a single DAG named `DAGs` can subsequently read and edit every DAG within the Airflow environment, fundamentally compromising the principle of least privilege. This creates a significant security risk where unauthorized individuals can potentially modify critical workflows, access sensitive data processing pipelines, and disrupt operational processes across the entire system.
The vulnerability directly relates to CWE-284, which addresses improper access control, and maps to ATT&CK technique T1078 for valid accounts and privilege escalation. The issue stems from inadequate input validation and resource name collision handling within the authorization framework. Organizations using Apache Airflow with custom access control configurations are particularly at risk, as the vulnerability can remain undetected while providing attackers with elevated privileges.
The recommended mitigation involves upgrading to `apache-airflow-providers-fab` version 3.7.2 or later, which implements proper disambiguation of resource names to prevent the collision between the DAG named `DAGs` and the global all-DAGs permission resource. This fix ensures that access control lists correctly distinguish between individual DAG permissions and global system permissions, maintaining proper authorization boundaries. System administrators should also review existing access control configurations and audit user permissions to identify any potential exploitation of this vulnerability before applying the upgrade.