CVE-2026-45361

Description

Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to `apache-airflow-providers-google` 22.0.0 or later.

CVSS v3.1 Score

8.1

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS — Exploit Prediction

0.0002

Probability of exploitation

0.04%

Percentile rank

EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.

Weakness Type (CWE)

CWE-322 CWE-322

References

Other References

https://github.com/apache/airflow/pull/66746 https://lists.apache.org/thread/3lpj7ppwxp7jtp81rnxk75xvln7qd7h2 http://www.openwall.com/lists/oss-security/2026/05/24/9

Frequently Asked Questions

What is CVE-2026-45361? +

Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to `apache-airflow-providers-google` 22.0.0 or later. It has a CVSS v3.1 base score of 8.1 (HIGH).

How severe is CVE-2026-45361? +

CVE-2026-45361 has a CVSS v3.1 score of 8.1 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching. The EPSS score is 0.0002, placing it in the 0th percentile for exploitation probability.

How do I check if I'm vulnerable to CVE-2026-45361? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2026-44467

The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. …

CVE-2025-20163 8.7

A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker to …

CVE-2024-47519 8.3

Backup uploads to ETM subject to man-in-the-middle interception

CVE-2024-6572 7.4

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before …

CVE-2024-7516 7.1

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that …

CVE-2024-4871 6.8

A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is …