A vulnerability was found in Apache Airflow up to 3.1.7 . It has been rated as problematic . This vulnerability affects unknown code of the file /ui/dependencies . The manipulation leads to incorrect permission assignment. This vulnerability is referenced as CVE-2026-28563 . Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.