A vulnerability was found in Apache Airflow CNCF Kubernetes Provider up to 10.16.x . It has been declared as problematic . This issue affects some unknown processing of the component JWT Token Handler . Executing a manipulation can lead to file and directory information exposure. This vulnerability is registered as CVE-2026-27173 . It is possible to launch the attack remotely. No exploit is available. It is recommended to upgrade the affected component.