CVE-2026-40024

Source
https://cve.org/CVERecord?id=CVE-2026-40024
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-40024.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-40024
Downstream
Published
2026-04-08T21:35:20.662Z
Modified
2026-07-08T08:13:08.887144461Z
Severity
  • 8.4 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
Sleuth Kit tsk_recover Path Traversal
Details

The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tskrecover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image. An attacker can craft a malicious filesystem image with embedded /../ sequences in filenames that, when processed by tskrecover, writes files outside the output directory, potentially achieving code execution by overwriting shell configuration or cron entries.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/40xxx/CVE-2026-40024.json",
    "cwe_ids": [
        "CWE-22"
    ],
    "cna_assigner": "VulnCheck"
}
References

Affected packages

Git / github.com/sleuthkit/sleuthkit

Affected ranges

Type
GIT
Repo
https://github.com/sleuthkit/sleuthkit
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ],
    "cpe": "cpe:2.3:a:sleuthkit:the_sleuth_kit:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.15.0"
        }
    ]
}

Affected versions

ct-3.*
ct-3.12.0
ct-3.13.0
ct-3.15.0
ct-3.5.0
ct-3.6.0
ct-3.9.0
sleuthkit-4.*
sleuthkit-4.0.2
sleuthkit-4.12.0
sleuthkit-4.14.0
sleuthkit-4.6.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-40024.json"