Description

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrapped_key_parser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS disk image that triggers information disclosure or crashes when processed by any Sleuth Kit tool that parses APFS volumes.

INFO

Published Date :

2026-04-08T21:35:21.537Z

Last Modified :

2026-04-09T16:16:39.403Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2026-40025 vulnerability.

Vendors Products
Sleuthkit
  • The Sleuth Kit
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-40025.

URL Resource
https://github.com/sleuthkit/sleuthkit/commit/8b9c9e7d493bd68624f3b1a3963edd45c3ff7611 cve-icon cve-icon
https://github.com/sleuthkit/sleuthkit/pull/3444 cve-icon cve-icon
https://mobasi.ai/sentinel cve-icon cve-icon
https://www.vulncheck.com/advisories/sleuth-kit-apfs-keybag-parser-out-of-bounds-read cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact