CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/06/02 7:8 p.m.•7 views

CVE-2026-10584 HTTPS Fallback to HTTP in Graph Explorer

ATTACKERKB•added 2026/06/02 7:8 p.m.•7 views

CVE-2026-10584

Exploits0References3Affected Software1

Cvelist•added 2026/06/02 7:8 p.m.•28 views

CVE-2026-10584 HTTPS Fallback to HTTP in Graph Explorer

8.2CVSS0.00101EPSS

CVE•added 2026/06/02 7:8 p.m.•20 views

CVE-2026-10584

Graph Explorer before 3.0.1 uses an HTTP fallback when certificate files are missing, exposing potential interception of HTTPS requests. The vulnerability affects the proxy component of Graph Explorer and can lead to disclosure of sensitive information. The recommended remediations are to upgrade...

EUVD•added 2026/06/02 7:8 p.m.•8 views

EUVD-2026-34011

CNNVD•added 2026/06/02 12:0 a.m.•5 views

Graph Explorer 安全漏洞

Graph Explorer is an interactive web application for visual exploration of graph databases, open-sourced by Amazon Web Services. Previous versions of Graph Explorer, such as 3.0.1, contained security vulnerabilities. These vulnerabilities stemmed from the proxy server falling back to HTTP when th...

8.2CVSS5.5AI score0.00101EPSS

Positive Technologies•added 2026/06/02 12:0 a.m.•10 views

PT-2026-45817

Name of the Vulnerable Software and Affected Versions Graph Explorer versions prior to 3.0.1 Description The proxy server falls back to HTTP when certificate files are missing. This behavior may allow remote threat actors to intercept requests intended for HTTPS and obtain sensitive information...

8.2CVSS5.5AI score0.00101EPSS

Exploits0References4

RedhatCVE•added 2025/10/31 10:8 p.m.•8 views

CVE-2023-7315

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

5.4CVSS6.2AI score0.00417EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:8 p.m.•5 views

CVE-2023-7316

Nagios XI versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

5.4CVSS6.2AI score0.00477EPSS

Exploits0References1

OSV•added 2025/10/30 10:15 p.m.•2 views

CVE-2023-7316

5.4CVSS5.9AI score0.00477EPSS

OSV•added 2025/10/30 10:15 p.m.•3 views

CVE-2023-7315

5.4CVSS5.8AI score0.00417EPSS

NVD•added 2025/10/30 10:15 p.m.•4 views

CVE-2023-7316

5.4CVSS0.00477EPSS

NVD•added 2025/10/30 10:15 p.m.•4 views

CVE-2023-7315

5.4CVSS0.00417EPSS

CVE•added 2025/10/30 9:52 p.m.•10 views

CVE-2023-7316

CVE-2023-7316 concerns Nagios XI prior to 2024R1. The vulnerability is an XSS flaw in the Graph Explorer component caused by insufficient validation or escaping of user-supplied input, enabling an attacker to inject and execute arbitrary script in a victim’s browser. Affected software: Nagios XI ...

5.4CVSS5.8AI score0.00477EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2025/10/30 9:52 p.m.•5 views

CVE-2023-7316 Nagios XI < 2024R1 XSS via Graph Explorer

5.1CVSS5.8AI score0.00477EPSS

Cvelist•added 2025/10/30 9:52 p.m.•6 views

CVE-2023-7316 Nagios XI < 2024R1 XSS via Graph Explorer

5.1CVSS0.00477EPSS

CVE•added 2025/10/30 9:52 p.m.•8 views

CVE-2023-7315

Nagios XI prior to version 5.11.3 is affected by a cross-site scripting (XSS) vulnerability in the Graph Explorer component. The root cause is insufficient validation or escaping of user-supplied input, enabling an attacker to inject and execute arbitrary script in a victim’s browser. Supported b...

5.4CVSS5.8AI score0.00417EPSS

Exploits0References3Affected Software1

Cvelist•added 2025/10/30 9:52 p.m.•6 views

CVE-2023-7315 Nagios XI < 5.11.3 XSS via Graph Explorer

5.1CVSS0.00417EPSS