Security Bulletin: FlashArray Snapshot Retention Policy Enforcement Vulnerability

Audience
Public
Product
FlashArray
Content Type
Source Type
Common Vulnerabilities and Exposures (CVE)

Security Bulletin: FlashArray Snapshot Retention Policy Enforcement Vulnerability

Vulnerability Status: Final Source: Pure Storage Initial Publication Date: 2026-04-14 Last Updated: 2026-04-15 12:07:40

Summary:

Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies earlier or later than configured.


CVE#: CVE-2026-0209

Severity (v3): 3 - Medium

Product(s): FlashArray

Version First Fixed: Purity//FA 6.5.13, Purity//FA 6.7.7, Purity//FA 6.9.2, Purity//FA 6.10.1


References:

https://nvd.nist.gov/vuln/detail/CVE-2026-0209