CVE-2026-25604

EUVD-2026-10318
In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. 
This allowed to gain access to different instances with potentially different access controls by reusing SAML response from other instances.

You should upgrade to 9.22.0 version of provider if you use AWS Auth Manager.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
apacheairflow_providers_amazon
8.0.0 ≤
𝑥
< 9.22.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/apache/airflow/pull/61368
https://lists.apache.org/thread/spwwrsmwxod7fpttcd7n7zs46j839l77
http://www.openwall.com/lists/oss-security/2026/03/09/6