CVE-2026-49401

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces filesystem and execution restrictions by comparing the requested path against the path supplied to --deny-read, --deny-write, --deny-run, or --deny-ffi. On macOS, that comparison was done...

CVE-2026-49401

CVE-2026-49401 describes a permission bypass in Deno on macOS APFS prior to v2.7.14. The denial checks for --deny-read/--deny-write/--deny-run/--deny-ffi were performed at the raw-byte level, but APFS considers different Unicode spellings of the same name as the same file. This allowed a process ...

CVE-2026-49401 Deno Permission Bypass via Unicode Normalization Mismatch on macOS (APFS)

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces filesystem and execution restrictions by comparing the requested path against the path supplied to --deny-read, --deny-write, --deny-run, or --deny-ffi. On macOS, that comparison was done...

About the security content of visionOS 26.5

About the security content of visionOS 26.5 This document describes the security content of visionOS 26.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

About the security content of macOS Sequoia 15.7.7

About the security content of macOS Sequoia 15.7.7 This document describes the security content of macOS Sequoia 15.7.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

About the security content of macOS Sonoma 14.8.7

About the security content of macOS Sonoma 14.8.7 This document describes the security content of macOS Sonoma 14.8.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or release...

Sleuth Kit APFS Keybag Parser Out-of-Bounds Read

...

SUSE CVE-2026-40025

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS...

EUVD-2026-20761

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS...

Linux Distros Unpatched Vulnerability : CVE-2026-40025

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows...

DEBIAN-CVE-2026-40025

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS...

UBUNTU-CVE-2026-40025

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS...

CVE-2026-40025 Sleuth Kit APFS Keybag Parser Out-of-Bounds Read

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS...

CVE-2026-40025

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS...

CVE-2026-40025 Sleuth Kit APFS Keybag Parser Out-of-Bounds Read

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS...

Security Bulletin: Maximo AI Service uses tar-7.4.3.tgz which is vulnerable to CVE-2026-23745 and CVE-2026-23950.

Summary Maximo AI Service uses tar-7.4.3.tgz which is vulnerable to CVE-2026-23745 and CVE-2026-23950. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-23950 DESCRIPTION: node-tar,a Tar for Node.js, has a race condition...

Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS

TITLE: Race Condition in node-tar Path Reservations via Unicode Sharp-S ß Collisions on macOS APFS AUTHOR: Tomás Illuminati Details A race condition vulnerability exists in node-tar v7.5.3 this is to an incomplete handling of Unicode path collisions in the path-reservations system. On...

EUVD-2023-60134

In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfsbnodeget in hfsbnodecreate Syzbot found a kernel BUG in hfsbnodeput: kernel BUG at fs/hfs/bnode.c:466! invalid opcode: 0000 1 PREEMPT SMP KASAN CPU: 0 PID: 3634 Comm: kworker/u4:5 Not tainted...

CVE-2025-40243 hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()

In the Linux kernel, the following vulnerability has been resolved: hfs: fix KMSAN uninit-value issue in hfsfindsetzerobits The syzbot reported issue in hfsfindsetzerobits: ===================================================== BUG: KMSAN: uninit-value in hfsfindsetzerobits+0x74d/0xb60...

The vulnerability of the APFS component of the macOS operating system, which allows a hacker to disclose protected information

The vulnerability of the APFS component in the macOS operating system is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to disclose protected information...