CVE-2026-40025

MEDIUM EPSS 2.4%
Published Apr 8, 20262mo ago · Modified Jun 17, 20261w ago
4.8 CVSS 4.0
Medium
Find Similar
Published Apr 8, 2026 2mo ago
Last Modified Jun 17, 2026 1w ago

Description

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrapped_key_parser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS disk image that triggers information disclosure or crashes when processed by any Sleuth Kit tool that parses APFS volumes.

CVSS Details

Base Score
4.8
Exploitability
Impact
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction P
Scope X

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read Memory Safety

Affected Products 1

VendorProductVersionRange
sleuthkitthe_sleuth_kit* <4.15.0

References 4

  • github.com https://github.com/sleuthkit/sleuthkit/commit/8b9c9e7d493bd68624f3b1a3963edd45c3ff7611
    Patch
  • github.com https://github.com/sleuthkit/sleuthkit/pull/3444
    Issue Tracking
  • mobasi.ai https://mobasi.ai/sentinel
    Third Party Advisory
  • vulncheck.com https://www.vulncheck.com/advisories/sleuth-kit-apfs-keybag-parser-out-of-bounds-read
    Third Party Advisory

Remediation

  • github.com https://github.com/sleuthkit/sleuthkit/commit/8b9c9e7d493bd68624f3b1a3963edd45c3ff7611
    Patch