Mxgraph
This hub aggregates every CVE we track for Mxgraph, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
1
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM2CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 3 most recently published vulnerabilities affecting Mxgraph.
- CVE-2022-40440mxGraph v4.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the setTooltips() function.6.1
- CVE-2019-13127An issue was discovered in mxGraph through 4.0.0, related to the "draw.io Diagrams" plugin before 8.3.14 for Confluence and other products. Improper input validation/sanitization of a color field l...6.1
- CVE-2017-18197In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert() is missing flags to prevent XML External Entity (XXE) attacks, as demonstrated by /ServerView.9.8
Product normalization is registry-driven with AI assist and human review. How it works