CVE lookup
CVE-2026-49297
Pruva has a verified reproduction for CVE-2026-49297: Apache Airflow Google provider path traversal via GCS object names. The canonical evidence record is REPRO-2026-00257.
REPRO
REPRO-2026-00257
Package
apache-airflow-providers-google · pip
Severity
MEDIUM
Status
published