CVE-2026-10718

MEDIUM

Open Seachest/Seachest NVMe Trim (Deallocate) Vulnerability

Title source: cna

Description

Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation.

References (2)

Core 2

Core References

https://www.seagate.com/product-security/#security-advisories

https://www.seagate.com/support/software/seachest/

Scores

CVSS v4 4.6

EPSS 0.0011

EPSS Percentile 1.7%

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:D/RE:L/U:Green

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-787

Status published

Published Jun 02, 2026

Tracked Since Jun 03, 2026