Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated malicious user to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue.