CVE-2026-6445

Summary

A flaw exists in FlashArray Purity where insufficient filtering of certain data paths could expose sensitive information to an authenticated user with low privileges.

Affected Software

VendorProductVersion RangeStatus
EverpureFlashArray6.5.0 <= 6.5.8affected
EverpureFlashArray6.10.0 <= 6.10.5affected

Weaknesses

  • CWE-939: CWE-939 Improper authorization in handler for custom URL scheme

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References