Apache Flink administrators should plan an update for CVE-2026-35194. Apache has published a critical security advisory for a code-execution issue in Flink’s SQL code generation path. The risk matters most where users, tenants, analysts, applications, or automation accounts can submit Flink SQL jobs to shared clusters.
This is a protect-only guide. Fix I.T. Phill is not publishing query examples, internal code paths, or test recipes. The useful defender action is to identify exposed Flink clusters, upgrade to a fixed release, restrict query-submission access, and review recent job activity.
Who Is Affected
- Apache Flink 1.15.0 through 1.20.x.
- Apache Flink 2.0.0 through 2.x before the fixed release line.
- Kubernetes, Docker, VM, or bare-metal Flink clusters where users can submit SQL jobs.
- Multi-user analytics, ETL, MLOps, data lake, and internal platform environments where TaskManagers process jobs for more than one team or customer.
Fixed Versions
Apache recommends upgrading to one of these fixed versions:
- Apache Flink 1.20.4 or newer on the 1.20 line.
- Apache Flink 2.0.2 or newer on the 2.0 line.
- Apache Flink 2.1.2 or newer on the 2.1 line.
- Apache Flink 2.2.1 or newer on the 2.2 line.
Safe Version Checks
Use normal inventory checks only. These commands do not validate the vulnerability; they help administrators find Flink versions and deployments that need attention.
bin/flink --version docker images | grep -i flink kubectl get pods -A | grep -i flink
Also check deployment manifests, Helm values, container tags, CI/CD variables, platform catalogs, and vendor-managed data platform images for embedded Flink versions.
Cluster-Safe Patch Plan
- Inventory JobManagers, TaskManagers, SQL gateways, container images, Helm charts, and managed platform templates.
- Review running jobs, savepoints, checkpoints, state backends, and restart behavior before maintenance.
- Back up configuration, job definitions, savepoints, state storage, secrets references, and deployment manifests.
- Drain or pause non-critical jobs where possible, then take savepoints for stateful workloads.
- Upgrade staging first and run representative SQL, streaming, batch, connector, and sink/source tests.
- Roll production updates by cluster or namespace, watching restart counts, job recovery, checkpoint health, and connector errors.
- After patching, verify the Flink version, job health, TaskManager registration, metrics, and logs.
Temporary Mitigation
Updating is the fix. While waiting for a maintenance window, restrict Flink job and SQL submission to trusted users only. Put Flink web UI and API access behind VPN, SSO, private networks, bastion hosts, or allowlists. Review service-account permissions and avoid sharing high-privilege submission credentials across teams.
For multi-tenant or customer-adjacent environments, consider isolating high-risk workloads onto separate clusters until all Flink components are on fixed versions.
What To Review
- Recent submitted jobs, SQL gateway activity, job owner history, and unexpected job failures.
- TaskManager logs for unusual process behavior, unexpected connector access, or abnormal restarts.
- Kubernetes audit logs, container runtime logs, and platform access logs around Flink namespaces.
- Secrets, tokens, database credentials, object-storage keys, and message-broker credentials available to affected jobs.
- Outbound network access from TaskManagers, especially in shared analytics or customer data environments.
Customer Communication
If you host or manage Flink for customers, tell them that Apache released a critical Flink update, that the risk depends on who can submit jobs, and that you are updating clusters while reviewing recent job activity and credential exposure. Avoid sending technical attack details to customers; focus on patch timing, downtime expectations, and post-update verification.
Fix I.T. Phill CDN/WAF Note
We are leaving a sanitized CDN/WAF handoff for exposed Flink management surfaces. Edge controls cannot patch Flink, but they can help reduce public exposure with access restrictions, SSO/VPN enforcement, admin allowlists, or challenge mode while owners upgrade.