Path Traversal Vulnerability in Sleuth Kit Affects Cybersecurity Operations
CVE-2026-40024
8.4 HIGH
What is CVE-2026-40024?
The Sleuth Kit, up to version 4.14.0, is affected by a path traversal vulnerability in its tsk_recover component. Crafted filenames or directory paths that contain traversal sequences can cause files to be written to arbitrary locations outside the designated recovery directory. An attacker who supplies a filesystem image with embedded /../ sequences can therefore write outside the output directory, which may lead to unauthorized code execution, including through the alteration of shell configurations or cron entries.
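One way a recovery tool can keep image-supplied names inside the output directory, shown as an added example; it is not Sleuth Kit's code or its fix. The function name `safe_recover_path`, the directory `/cases/out` and the sample names are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Join an image-supplied path onto the recovery directory one component
 * at a time. Returns 0 and fills dst on success, -1 if the name contains
 * a ".." component, is empty, or does not fit. The check is purely
 * lexical: symlinks that already exist under out_dir are not resolved. */
int safe_recover_path(const char *out_dir, const char *img_path,
                      char *dst, size_t dst_len)
{
    size_t used = strlen(out_dir), added = 0;
    if (used == 0 || used + 1 > dst_len)
        return -1;
    memcpy(dst, out_dir, used + 1);
    for (const char *p = img_path; *p; ) {
        while (*p == '/') p++;          /* a leading '/' cannot make it absolute */
        size_t n = strcspn(p, "/");
        if (n == 0) break;
        if (n == 1 && p[0] == '.') { p += n; continue; }
        if (n == 2 && p[0] == '.' && p[1] == '.')
            return -1;                  /* traversal component: refuse the file */
        if (used + 1 + n + 1 > dst_len)
            return -1;                  /* would overflow the caller's buffer */
        dst[used++] = '/';
        memcpy(dst + used, p, n);
        used += n;
        dst[used] = '\0';
        added++;
        p += n;
    }
    return added ? 0 : -1;
}

int main(void)
{
    /* Constructed names, as they might be stored in a filesystem image. */
    const char *names[] = { "docs/report.txt", "a/../../home/user/.bashrc",
                            "/etc/cron.d/job", "./x/./y", ".." };
    char buf[256];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        int rc = safe_recover_path("/cases/out", names[i], buf, sizeof buf);
        printf("%-28s -> %s\n", names[i], rc == 0 ? buf : "REJECTED");
    }
    return 0;
}
```

Running the recovery as an unprivileged user into an empty, dedicated directory limits the impact of any name that slips past a check like this.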
Affected Version(s)
sleuthkit 0 <= 4.14.0
sleuthkit a3f96b3bc36a8bb1a00c297f77110d4a6e7dd31b
