Skip to main content

openSeaChest EUVDEUVD-2026-34043

| CVE-2026-10718 MEDIUM
Out-of-bounds Write (CWE-787)
2026-06-02 Seagate GHSA-qmm7-2j5h-mvvv
4.6
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
4.6 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:D/RE:L/U:Green

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:D/RE:L/U:Green
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
N

Lifecycle Timeline

3
Analysis Generated
Jun 03, 2026 - 01:20 vuln.today
CVSS changed
Jun 02, 2026 - 23:22 NVD
4.6 (MEDIUM)
CVE Published
Jun 02, 2026 - 22:19 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation.

AnalysisAI

Out-of-bounds write in Seagate's openSeaChest v26.03.0 allows a high-privileged local user to write 16 bytes beyond the allocated memory buffer during a Trim/Unmap (SCSI UNMAP / ATA DSM) storage operation. The flaw is confined to the LBA range descriptor construction logic and produces limited observable impact - low confidentiality exposure to the local system and a secondary system, with no integrity or availability consequences per the CVSS 4.0 vector. No public exploit identified at time of analysis, and CISA KEV does not list this vulnerability; Seagate self-disclosed the issue, suggesting responsible internal discovery.

Technical ContextAI

openSeaChest is Seagate's open-source, cross-platform command-line toolkit for managing ATA, SCSI, NVMe, and USB-attached storage devices. The Trim/Unmap operation instructs a drive to deallocate a range of Logical Block Addresses (LBAs), typically used during SCSI UNMAP or ATA DATA SET MANAGEMENT (DSM) commands. The root cause is CWE-787 (Out-of-bounds Write): the code that constructs the memory structure describing the LBA ranges to deallocate writes 16 bytes past the end of the allocated buffer. This is a classic off-by-one or miscalculated stride error in buffer sizing, consistent with the 'Buffer Overflow' and 'Memory Corruption' tags attached to this CVE. The affected version is v26.03.0 across all platforms supported by the toolkit (Linux, Windows, macOS, FreeBSD, etc.). No CPE string was provided in the source data.

Affected ProductsAI

Seagate openSeaChest version 26.03.0 is confirmed affected across all platforms supported by the toolkit, which includes Linux, Windows, macOS, and FreeBSD. No CPE string was included in the source intelligence. Version ranges outside of v26.03.0 (earlier or later) are not specified as affected or unaffected in the available data. Vendor information is available at the Seagate Product Security advisory page (https://www.seagate.com/product-security/#security-advisories) and the SeaChest support page (https://www.seagate.com/support/software/seachest/).

RemediationAI

The primary remediation is to upgrade openSeaChest to a version beyond v26.03.0 once a patched release is confirmed by Seagate. Monitor the Seagate Product Security advisory page at https://www.seagate.com/product-security/#security-advisories and the SeaChest software support page at https://www.seagate.com/support/software/seachest/ for a patched release. No exact fix version was included in the available source data - a patched released version is not independently confirmed at time of analysis. As a compensating control, restrict execution of openSeaChest to only the personnel and automated processes that strictly require it, leveraging OS-level privilege controls (sudo rules, Windows UAC policies) to limit who can invoke the Trim/Unmap subcommand. Because exploitation requires High Privileges, enforcing least-privilege principles for storage management tooling reduces the effective attack surface with no functional trade-off for standard users.

Share

EUVD-2026-34043 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy