CVE-2026-10584: AWS Graph Explorer HTTPS Fallback Flaw
🟠 High | Source: AWS Security Bulletins A vulnerability in Graph Explorer (versions 1.1.0 to 3.0.1), an open-source tool used with Amazon Neptune, can cause the application to silently fall back from HTTPS to unencrypted HTTP when TLS certificates are unavailable. This means sensitive data, potentially including graph database queries and results, may be transmitted in cleartext without any visible warning. The issue is tracked as CVE-2026-10584 and requires an explicit upgrade to version 3.0.1 or later. ...