{"uuid": "f9b3e178-12cf-470b-9440-113ce4e3a821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42359", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116674384679698884", "content": "\ud83d\udea9 CVE-2026-42359 (CRITICAL): Apache Airflow 3.2.0 XCom PATCH deserialization flaw enables authenticated users with XCom write to execute code remotely. Upgrade to 3.2.2+ to mitigate. No known exploits yet. https://radar.offseq.com/threat/cve-2026-42359-cwe-502-deserialization-of-untruste-34c6b2b1 #OffSeq #ApacheAirflow #RCE #Security", "creation_timestamp": "2026-06-01T10:30:34.741044Z"}