Skip to content

CVE lookup

CVE-2026-49297

Pruva has a verified reproduction for CVE-2026-49297: Apache Airflow Google provider path traversal via GCS object names. The canonical evidence record is REPRO-2026-00257.

REPRO

REPRO-2026-00257

Package

apache-airflow-providers-google · pip

Severity

MEDIUM

Status

published