A vulnerability, which was classified as problematic , was found in Apache Airflow up to 3.2.1 . This issue affects some unknown processing of the component TaskInstances . Executing a manipulation can lead to authorization bypass. This vulnerability appears as CVE-2026-41084 . The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.