CVE-2026-41018 Overview
CVE-2026-41018 is an information disclosure vulnerability in the apache-airflow-providers-elasticsearch package. The Elasticsearch logging provider wrote the full host URL into task logs when the URL embedded credentials in the form https://user:password@server.example.com:9200. Any authenticated user with task-log read permission could harvest the backend Elasticsearch credentials by reading the logs. The flaw is tracked under CWE-532: Insertion of Sensitive Information into Log File. Apache addressed the issue in apache-airflow-providers-elasticsearch 6.5.3.
Critical Impact
Authenticated Airflow users with log-read access can extract plaintext Elasticsearch backend credentials, enabling lateral movement to the logging backend and exposure of indexed log data.
Affected Products
- Apache Airflow Providers Elasticsearch versions prior to 6.5.3
- Apache Airflow deployments using the [elasticsearch] host configuration with embedded credentials
- Environments where backend credentials are not sourced from a secret backend
Discovery Timeline
- 2026-05-11 - CVE-2026-41018 published to NVD
- 2026-05-13 - Last updated in NVD database
Technical Details for CVE-2026-41018
Vulnerability Analysis
The Elasticsearch logging provider in Apache Airflow uses the [elasticsearch] host configuration value to connect to the Elasticsearch backend that stores task execution logs. Operators commonly embed authentication material directly in this URL using the standard scheme://user:password@host:port syntax. The provider serialized the unredacted host URL into task log output during normal operation. Because Airflow exposes task logs through both the web UI and the REST API, any principal granted log-read permission against a DAG could retrieve the credential string from log content.
The issue does not require log injection or any crafted input. The credentials leak as a side effect of routine task execution. Stolen credentials grant the attacker the same privileges the Airflow service account holds on the Elasticsearch cluster, which typically includes read access to all indexed logs and, depending on role mapping, write or administrative access.
Root Cause
The root cause is missing redaction of sensitive URL components before writing connection metadata to log sinks. Airflow's secret masker normally scrubs known sensitive variables, but the embedded userinfo segment of the Elasticsearch host URL was not registered as a masked value. The provider treated the host string as non-sensitive configuration.
Attack Vector
An authenticated Airflow user with can_read permission on task logs queries the log endpoint for any DAG run that uses the Elasticsearch logging backend. The returned log content contains the full host URL with credentials in cleartext. The attacker then authenticates to the Elasticsearch cluster directly using the harvested credentials.
The vulnerability mechanism is described in the upstream fix at the Apache Airflow GitHub Pull Request #65349 and the Apache Mailing List Thread. No public proof-of-concept code is required because the credential appears in log output during normal operation.
Detection Methods for CVE-2026-41018
Indicators of Compromise
- Task log entries containing URL patterns matching https?://[^:]+:[^@]+@ referencing the Elasticsearch host
- Elasticsearch authentication events from unexpected source IPs using the Airflow service account
- Audit log entries showing repeated GET /api/v1/dags/*/dagRuns/*/taskInstances/*/logs/* calls from a single user account
Detection Strategies
- Grep historical Airflow task logs for the pattern ://[^/\s:]+:[^/\s@]+@ to identify credential leakage events
- Review Airflow audit logs for users who accessed task logs across a broad set of DAGs in a short window
- Correlate Elasticsearch authentication logs against the set of hosts authorized to run Airflow workers
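The grep-based strategy above, and the missing redaction described under Root Cause, as an added example (not code from Airflow or from this advisory): it scans constructed task-log lines for URL-embedded credentials using the advisory's pattern, emits a redacted copy of each hit, and shows which URL component should have been registered with the secret masker. The function names and the sample log lines are assumptions made for this example.

```python
import re
from urllib.parse import urlsplit, urlunsplit

# Credential-in-URL pattern from the advisory's detection strategy:
# scheme://user:password@ with no slash or whitespace inside the userinfo.
CRED_URL_RE = re.compile(
    r"(?P<scheme>[a-zA-Z][a-zA-Z0-9+.-]*)://(?P<user>[^/\s:@]+):(?P<pw>[^/\s@]+)@"
)

# Constructed sample task log; the second line mimics the leaky provider output.
SAMPLE_TASK_LOG = [
    "[2026-05-12T08:14:02] INFO - Starting attempt 1 of 1",
    "[2026-05-12T08:14:02] INFO - log handler host=https://airflow:S3cretPw@es.internal:9200",
    "[2026-05-12T08:14:03] INFO - Querying https://es.internal:9200/_search",
    "[2026-05-12T08:14:03] INFO - Done",
]


def redact_url_credentials(url: str) -> str:
    """Return the URL with any embedded userinfo replaced by ***:*** (hypothetical helper).

    This is what the provider should do to the [elasticsearch] host value before it
    ever reaches a log sink. The raw host:port after '@' is kept verbatim.
    """
    parts = urlsplit(url)
    if parts.username is None and parts.password is None:
        return url
    hostport = parts.netloc.rpartition("@")[2]
    return urlunsplit((parts.scheme, f"***:***@{hostport}", parts.path, parts.query, parts.fragment))


def secrets_from_host_url(url: str) -> list:
    """Values that must be registered with the secret masker if the host URL carries userinfo."""
    parts = urlsplit(url)
    return [v for v in (parts.password,) if v]


def scan_log_lines(lines):
    """Return (line_no, redacted_line) for every line leaking URL-embedded credentials."""
    hits = []
    for n, line in enumerate(lines, 1):
        if CRED_URL_RE.search(line):
            hits.append((n, CRED_URL_RE.sub(r"\g<scheme>://***:***@", line)))
    return hits


if __name__ == "__main__":
    for line_no, redacted in scan_log_lines(SAMPLE_TASK_LOG):
        print(f"credential leak at line {line_no}: {redacted}")
```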
Monitoring Recommendations
- Alert on Elasticsearch logins using the Airflow service account from IPs outside the Airflow worker subnet
- Monitor for outbound connections to the Elasticsearch backend originating from non-worker nodes
- Track changes to Airflow role assignments that grant log-read permissions to new users
How to Mitigate CVE-2026-41018
Immediate Actions Required
- Upgrade apache-airflow-providers-elasticsearch to 6.5.3 or later on all Airflow scheduler, webserver, and worker nodes
- Rotate the Elasticsearch credentials previously configured in the [elasticsearch] host URL
- Audit existing task logs for credential exposure and purge or re-index affected log entries
- Review the list of users with log-read permission and revoke access where it is not required
Patch Information
Apache released the fix in apache-airflow-providers-elasticsearch version 6.5.3. The patch is tracked in the Apache Airflow GitHub Pull Request #65349 and announced in the Apache Mailing List Thread and OpenWall OSS Security Update.
Workarounds
- Move Elasticsearch credentials out of the [elasticsearch] host URL and configure them through an Airflow secret backend such as HashiCorp Vault or AWS Secrets Manager
- Set the Elasticsearch host to a credential-free URL and supply authentication via the provider's dedicated username and password configuration keys
- Restrict log-read permissions in Airflow RBAC to the minimum set of operators required
# Configuration example: remove credentials from host and use a secret backend
[elasticsearch]
host = https://elasticsearch.internal:9200
[secrets]
backend = airflow.providers.hashicorp.secrets.vault.VaultBackend
backend_kwargs = {"connections_path": "connections", "variables_path": "variables", "url": "https://vault.internal:8200"}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.