{"schema_version": "1.6.1", "id": "CVE-2026-30912", "summary": "Exposing stack trace in case of constraint error", "details": "In case of SQL errors, exception/stack trace of errors was exposed in API even if \"api/expose_stack_traces\" was set to false. That could lead to exposing additional information to potential attacker. Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "0"}, {"fixed": "3.2.0"}]}]}], "references": [{"type": "WEB", "url": "https://github.com/apache/airflow/pull/63028"}, {"type": "WEB", "url": "https://lists.apache.org/thread/tp6kz1hnfb3zsrrtg19myo8x5x80w8r9"}]}