CVE-2026-10719 | Out of bounds write in openSeaChest’s --showSupportedFormats… | CVSS 1.8 LOW

Description

Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a value to 1 via a maliciously crafted NVMe device with a bogus value in the namespace FLBAS byte.

Metadata

CVE ID: CVE-2026-10719
State: PUBLISHED
Assigner: Seagate
Reserved: 2026-06-02 22:28 UTC
Published: 2026-06-02 22:31 UTC
Last updated: 2026-06-03 13:11 UTC
Primary CWE: CWE-787
CWE-787 Out-of-bounds write
Sources: cve.org · NVD

Severity & Metrics

1.8 LOW CVSS 4.0

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L/S:N/AU:Y/R:A/V:D/RE:L/U:Clear

SSVC — CISA Coordinator

Exploitation: none
Automatable: no
Tech. Impact: partial

Affected products (1)

Vendor	Product	Platform	Versions
—	—	—	0 ≤ 25.05.3

Weakness (CWE)

CWE	Source	Description
CWE-787	cna	CWE-787 Out-of-bounds write

CVSS scores (1)

Score	Severity	Version	Source	Vector
1.8	LOW	4.0	cna	CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L/S:N/AU:Y/R:A/V:D/RE:L/U:Clear

References (2)