A vulnerability classified as critical was found in Apache Airflow up to 3.2.1 . This affects an unknown part of the file /ui/partitioned_dag_runs of the component partitioned_dag_runs Endpoint . Such manipulation leads to improper access controls. This vulnerability is documented as CVE-2026-41014 . The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.