{"uuid": "fd373a75-7cc6-49b9-b804-55ec53128f4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49297", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mpsjoi25k323", "content": "CVE-2026-49297: Apache Airflow Google provider: Path traversal via GCS object names \u2192 local/SFTP filesystem (GCSToSFTPOperator + GCSTimeSpanFileTransformOperator)", "creation_timestamp": "2026-07-04T07:22:55.036637Z"}