VYPR

CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

Base · Incomplete · Likelihood: Medium

Description

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-27 · CAPEC-29

CVEs mapped to this weakness (249)

  • CVE-2026-32977 · Med · Mar 31, 2026
    risk 0.34 · cvss 6.3 · epss 0.00

    OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that uses an unanchored container path during the final move operation. An attacker can exploit a time-of-check-time-of-use race condition by modifying parent paths…

  • CVE-2026-32921 · Med · Mar 31, 2026
    risk 0.34 · cvss 6.3 · epss 0.00

    OpenClaw before 2026.3.8 contains an approval bypass vulnerability in system.run where mutable script operands are not bound across approval and execution phases. Attackers can obtain approval for script execution, modify the approved script file before execution, and execute…

  • CVE-2025-54667 · Med · Aug 14, 2025
    risk 0.34 · cvss 5.3 · epss 0.00

    Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Saad Iqbal myCred mycred allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This issue affects myCred: from n/a through <= 2.9.4.3.

  • CVE-2025-26620 · Med · Feb 18, 2025
    risk 0.34 · cvss · epss 0.00

    Duende.AccessTokenManagement is a set of .NET libraries that manage OAuth and OpenId Connect access tokens. Duende.AccessTokenManagement contains a race condition when requesting access tokens using the client credentials flow. Concurrent requests to obtain an access token using…

  • CVE-2022-45809 · Med · Dec 19, 2023
    risk 0.34 · cvss 5.3 · epss 0.00

    Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Ricard Torres Thumbs Rating. This issue affects Thumbs Rating: from n/a through 5.0.0.

  • CVE-2018-6693 · Med · Sep 18, 2018
    risk 0.34 · cvss 5.3 · epss 0.00

    An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to…

  • CVE-2026-41051 · Med · May 13, 2026
    risk 0.33 · cvss 5.0 · epss 0.00

    csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories.

  • CVE-2026-33574 · Med · Mar 29, 2026
    risk 0.33 · cvss 6.2 · epss 0.00

    OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer that validates the tools root lexically but reuses the mutable path during archive download and copy operations. A local attacker can rebind the tools-root path between validation…

  • CVE-2025-64118 · Med · Oct 30, 2025
    risk 0.33 · cvss · epss 0.00

    node-tar is a Tar for Node.js. In 7.5.1, using .t (aka .list) with { sync: true } to read tar entry contents returns uninitialized memory contents if tar file was changed on disk to a smaller size while being read. This vulnerability is fixed in 7.5.2.

  • CVE-2025-2425 · Med · Jul 18, 2025
    risk 0.33 · cvss · epss 0.00

    Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.

  • CVE-2015-1865 · Med · Sep 20, 2017
    risk 0.33 · cvss 5.1 · epss 0.00

    fts.c in coreutils 8.4 allows local users to delete arbitrary files.

  • CVE-2022-48682 · Med · Apr 26, 2024
    risk 0.32 · cvss 6.0 · epss 0.00

    In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink.

  • CVE-2026-35359 · Med · Apr 22, 2026
    risk 0.31 · cvss 4.7 · epss 0.00

    A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in the cp utility of uutils coreutils allows an attacker to bypass no-dereference intent. The utility checks if a source path is a symbolic link using path-based metadata but subsequently opens it without the O_NOFOLLOW flag.…

  • CVE-2026-35357 · Med · Apr 22, 2026
    risk 0.31 · cvss 4.7 · epss 0.00

    The cp utility in uutils coreutils is vulnerable to an information disclosure race condition. Destination files are initially created with umask-derived permissions (e.g., 0644) before being restricted to their final mode (e.g., 0600) later in the process. A local attacker can…

  • CVE-2026-35354 · Med · Apr 22, 2026
    risk 0.31 · cvss 4.7 · epss 0.00

    A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute (xattr) preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A…

  • CVE-2026-25704 · Med · Mar 30, 2026
    risk 0.31 · cvss · epss 0.00

    A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic. This issue affects cosmic-greeter…

  • CVE-2025-39713 · Med · Sep 5, 2025
    risk 0.31 · cvss 4.7 · epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() In the interrupt handler rain_interrupt(), the buffer full check on rain->buf_len is performed before acquiring rain->buf_lock. This creates…

  • CVE-2024-21792 · Med · May 16, 2024
    risk 0.31 · cvss 4.7 · epss 0.00

    Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2005-1111 · Med · May 2, 2005
    risk 0.31 · cvss 4.7 · epss 0.00

    Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.

  • CVE-2024-36311 · Med · Feb 10, 2026
    risk 0.30 · cvss · epss 0.00

    A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability.