NVD HIGH: CVE-2026-40024 — The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_rec...
The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image. An attacker can craft a malicious filesystem image with embedded /../ sequences in filenames that, when processed by ts
CVE-2026-40024