CVE-2026-41017 Blast Radius

MEDIUM • CVSS 5.9Apache Airflow's `JWTRefreshMiddleware` set the JWT auth cookie without the `Secure` flag, so deployments running the Airflow API server behind an HTT…

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-41017.

Start Free Scan →← Back to CVE-2026-41017