A vulnerability was found in Pure Storage FlashArray up to 6.5.8/6.10.5 . It has been declared as very critical . Affected is an unknown function. The manipulation results in improper authorization in handler for custom url scheme. This vulnerability is cataloged as CVE-2026-6445 . The attack may be launched remotely. There is no exploit available.