What is 2026-038-AWS?

2026-038-AWS is a security advisory published by AWS Security Bulletins. CVE-2026-10584 - HTTPS Fallback to HTTP in Graph Explorer

Which CVE IDs does 2026-038-AWS cover?

2026-038-AWS covers the following CVE IDs: CVE-2026-10584. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

2026-038-AWS

CVE-2026-10584 - HTTPS Fallback to HTTP in Graph Explorer

Vendor

AWS Security Bulletins

Published

June 2, 2026

Last Modified

—

🔗 CVE IDs covered (1)

CVE-2026-10584 →

📋 Description

Bulletin ID: 2026-038-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/02/2026 12:15 PM PDT Description: Graph Explorer is an open source application that provides visualization and exploration of data in graph databases such as Amazon Neptune. We identified CVE-2026-10584 where, under certain circumstances, the server silently falls back to HTTP when HTTPS is enabled but certificates are unavailable, resulting in cleartext transmission of sensitive information. Impacted versions: >= 1.1.0 AND
Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.

🔗 References (1)

advisoryhttps://aws.amazon.com/security/security-bulletins/rss/2026-038-aws/