{"id":"PYSEC-2026-595","details":"In the AWS Secrets Manager and SSM Parameter Store secrets backends of `apache-airflow-providers-amazon` prior to 9.28.0, the team-scoping logic could resolve a `conn_id` containing a `/` (e.g. `\"my_team/conn\"`) to the same path as another team's team-scoped secret when the caller had no team context. A privileged caller without team context could therefore retrieve another team's secret by crafting a colliding `conn_id`. Fixed in 9.28.0 by switching the team-scope separator to `--` and rejecting team-shaped `conn_id`s when team context is absent. Affects the experimental multi-tenant teams feature only. Users are recommended to upgrade to `apache-airflow-providers-amazon` 9.28.0, which fixes the issue.","aliases":["CVE-2026-42526","GHSA-g9qc-qf28-hhqx"],"modified":"2026-07-01T18:26:20.727909764Z","published":"2026-05-19T20:16:19.163Z","references":[{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2026/05/19/36"},{"type":"ADVISORY","url":"https://lists.apache.org/thread/0092sz5g520d3qqjb01wd61myqlgjtyn"},{"type":"FIX","url":"https://github.com/apache/airflow/pull/65703"}],"affected":[{"package":{"name":"apache-airflow-providers-amazon","ecosystem":"PyPI","purl":"pkg:pypi/apache-airflow-providers-amazon"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.28.0"}]}],"versions":["1.0.0","1.0.0b1","1.0.0b2","1.0.0rc1","1.1.0","1.1.0rc1","1.2.0","1.2.0rc1","1.3.0","1.3.0rc1","1.4.0","1.4.0rc1","2.0.0","2.0.0rc1","2.0.0rc2","2.1.0","2.1.0rc1","2.1.0rc2","2.2.0","2.2.0rc1","2.3.0","2.3.0rc1","2.3.0rc2","2.4.0","2.4.0rc1","2.4.0rc2","2.5.0","2.5.0rc1","2.6.0","2.6.0rc1","3.0.0","3.0.0rc1","3.0.0rc2","3.1.0rc1","3.1.1","3.1.1rc1","3.2.0","3.2.0rc1","3.3.0","3.3.0rc1","3.4.0","3.4.0rc1","4.0.0","4.0.0rc1","4.0.0rc2","4.1.0","4.1.0rc1","5.0.0","5.0.0rc1","5.0.0rc2","5.0.0rc3","5.1.0","5.1.0rc1","6.0.0","6.0.0rc1","6.1.0","6.1.0rc1","6.2.0","6.2.0rc2","6.2.0rc3","7.0.0","7.0.0rc1","7.0.0rc2","7.1.0","7.1.0rc1","7.2.0","7.2.0rc1","7.2.1","7.2.1rc1","7.3.0","7.3.0rc1","7.4.0","7.4.0rc1","7.4.1","7.4.1rc1","8.0.0","8.0.0rc1","8.0.0rc2","8.0.0rc3","8.1.0","8.1.0rc1","8.1.0rc2","8.10.0","8.10.0rc1","8.11.0","8.11.0rc1","8.12.0","8.12.0rc1","8.13.0","8.13.0rc1","8.14.0","8.14.0rc1","8.15.0","8.15.0rc1","8.16.0","8.16.0rc1","8.17.0","8.17.0rc1","8.17.0rc2","8.18.0","8.18.0rc1","8.18.0rc2","8.19.0","8.19.0rc1","8.2.0","8.2.0rc1","8.20.0","8.20.0rc1","8.21.0","8.21.0rc1","8.22.0","8.22.0rc1","8.23.0","8.23.0rc1","8.24.0","8.24.0rc1","8.24.0rc2","8.25.0","8.25.0rc1","8.26.0","8.26.0rc1","8.26.0rc2","8.27.0","8.27.0rc1","8.27.0rc2","8.28.0","8.28.0rc1","8.29.0","8.29.0rc1","8.3.0","8.3.0rc1","8.3.0rc2","8.3.0rc3","8.3.0rc4","8.3.1","8.3.1rc1","8.4.0","8.4.0rc1","8.5.0","8.5.0rc1","8.5.1","8.5.1rc1","8.6.0","8.6.0rc1","8.7.0","8.7.0rc1","8.7.1","8.7.1rc1","8.8.0","8.8.0rc1","8.9.0","8.9.0rc1","9.0.0","9.0.0rc1","9.1.0","9.1.0rc1","9.1.0rc2","9.1.0rc3","9.1.0rc4","9.10.0","9.10.0rc1","9.11.0","9.11.0rc1","9.12.0","9.12.0rc1","9.13.0","9.13.0rc1","9.14.0","9.14.0rc1","9.15.0","9.15.0rc1","9.16.0","9.16.0rc1","9.17.0","9.17.0rc1","9.18.0","9.18.0rc1","9.18.0rc2","9.18.1","9.18.1rc1","9.19.0","9.19.0rc1","9.2.0","9.2.0rc1","9.2.0rc2","9.20.0","9.20.0rc1","9.21.0","9.21.0rc1","9.22.0","9.22.0rc1","9.22.0rc2","9.22.0rc3","9.23.0","9.23.0rc1","9.24.0","9.24.0rc1","9.25.0","9.25.0rc1","9.25.0rc2","9.26.0","9.26.0rc1","9.27.0","9.27.0rc1","9.28.0rc1","9.3.0","9.4.0","9.4.0rc1","9.5.0","9.5.0rc1","9.5.0rc2","9.5.0rc3","9.6.0","9.6.0rc1","9.6.1","9.6.1rc1","9.7.0","9.7.0rc1","9.7.0rc2","9.8.0","9.8.0rc1","9.9.0","9.9.0rc1","9.9.1rc1"],"ecosystem_specific":{},"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/apache-airflow-providers-amazon/PYSEC-2026-595.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}