Log Information Exposure Vulnerability in FlashBlade by Pure Storage
CVE-2026-0207

8.5HIGH

Key Information:

Vendor: Purestorage
Status: Flashblade
Vendor: CVE Published:; 14 April 2026

🔔 Create Purestorage Vulnerability Alert

What is CVE-2026-0207?

A vulnerability in FlashBlade from Pure Storage allows for sensitive information to be inadvertently logged under certain circumstances. This could potentially lead to unauthorized access to critical data if exploited. Administrators should be aware of the specific conditions under which this occurs to mitigate risks associated with data exposure.

Affected Version(s)

FlashBlade 4.0.0 <= 4.4.8

FlashBlade 4.6.0 <= 4.6.3

FlashBlade 4.5.0 <= 4.5.13

References

https://support.purestorage.com/bundle/m_security_bulleti...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 14, 2026
Vulnerability Reserved
Oct 30, 2025

CVE-2026-0207 Data

JSON