What is GHSA-524w-vq63-2xhf?

GHSA-524w-vq63-2xhf is a security advisory published by GitHub Security Advisories with High severity. JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had...

Which CVE IDs does GHSA-524w-vq63-2xhf cover?

GHSA-524w-vq63-2xhf covers the following CVE IDs: CVE-2026-27173. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-524w-vq63-2xhf?

GHSA-524w-vq63-2xhf has a CVSS v3 base score of 8.7, published by GitHub Security Advisories.

GHSA-524w-vq63-2xhfHighCVSS 8.7

JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had...

Vendor

GitHub Security Advisories

Published

May 19, 2026

Last Modified

May 19, 2026

🔗 CVE IDs covered (1)

CVE-2026-27173 →

📋 Description

JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actions that were only available to running tasks via Task SDK and potentially allow to modify state of Airflow Database for tasks.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2026-27173
https://github.com/apache/airflow/pull/60108
https://lists.apache.org/thread/pk3m2z4s2rkmc0v6gh9hnch9spc6stqw
http://www.openwall.com/lists/oss-security/2026/05/19/35
https://github.com/advisories/GHSA-524w-vq63-2xhf