CVE-2025-9127 HIGH

CVE-2025-9127: PX Enterprise Improper Sanitization Vulnerability

Vendor Pure Storage
Product PX Enterprise
Weakness CWE-116
Published December 4, 2025
Last update December 4, 2025

CVSS base score

8.4/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H

What the vulnerability does

01Description

A vulnerability exists in PX Enterprise whereby sensitive information may be logged under specific conditions.

Key dates

02Disclosure timeline

December 4, 2025 CVE published
December 4, 2025 Record updated

Related vulnerabilities

04Related CVE