A vulnerability classified as problematic has been found in Apache Airflow up to 3.2.1 . Affected by this issue is some unknown functionality of the file /ui/structure/structure_data . This manipulation causes authorization bypass. This vulnerability is registered as CVE-2026-40963 . Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.