CVE 8.7 HIGH

CVE-2026-6445_CVE-2026-6445

June 9, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

A flaw exists in FlashArray Purity where insufficient filtering of certain data paths could expose sensitive information to an authenticated user with low privileges.

AI Analysis

Insufficient filtering of data paths exposes sensitive information to low-privileged authenticated users

Basic Information

ID CVE-2026-6445

Source Everpure

Published Jun 9, 2026 at 18:40

Modified Jun 9, 2026 at 20:03

Affected Product

Vendor Everpure

Product FlashArray

Version 6.5.0, 6.10.0

Affected Versions Everpure FlashArray 6.5.0
Everpure FlashArray 6.10.0

CWE Classification

CWE-939

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Pure Storage

Product FlashArray

Version 6.5.0, 6.10.0

References

support.purestorage.com /bundle/m_security_bulletins/page/Pure_Security/topics/concept/c_security_bulletins.html

{
    "lastseen": "",
    "description": "A flaw exists in FlashArray Purity where insufficient filtering of certain data paths could expose sensitive information to an authenticated user with low privileges.",
    "published": "2026-06-09T18:40:03.334Z",
    "modified": "2026-06-09T20:03:07.992Z",
    "type": "cve",
    "title": "CVE-2026-6445",
    "source": "Everpure",
    "references": "https://support.purestorage.com/bundle/m_security_bulletins/page/Pure_Security/topics/concept/c_security_bulletins.html",
    "id": "CVE-2026-6445",
    "bulletinFamily": "",
    "cwe": [
        "CWE-939"
    ],
    "cvelist": null,
    "sourceData": "Everpure FlashArray 6.5.0\nEverpure FlashArray 6.10.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FlashArray",
    "version": "6.5.0, 6.10.0",
    "vendor": "Everpure",
    "ai_description": "Insufficient filtering of data paths exposes sensitive information to low-privileged authenticated users",
    "ai_severity": "High",
    "ai_vendor": "Pure Storage",
    "ai_product": "FlashArray",
    "ai_version": "6.5.0, 6.10.0",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply