A vulnerability was found in Apache Airflow up to 3.2.1 . It has been classified as problematic . The impacted element is an unknown function of the component XCom PATCH Endpoint . This manipulation causes an unknown weakness. This vulnerability is handled as CVE-2026-42359 . The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.