CWE-362

Medium likelihood

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Parent: CWE-662 - Improper Synchronization

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

2,378 vulnerabilities with CWE-362
CVE-2026-43353 HIGH
i3c: mipi-i3c-hci: Fix race in DMA ring dequeue
CVSS 7.8
CVE-2026-43342 MEDIUM
usb: gadget: f_rndis: Protect RNDIS options with mutex
CVSS 4.7
CVE-2026-7960 MEDIUM
Google Chrome - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS 5.3
CVE-2026-7954 LOW
Google Chrome - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS 3.1
CVE-2026-7948 HIGH
Google Chrome - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS 7.5
CVE-2026-43275 MEDIUM
scsi: ufs: core: Flush exception handling work when RPM level is zero
CVSS 4.7
CVE-2026-43198 CRITICAL
tcp: fix potential race in tcp_v6_syn_recv_sock()
CVSS 9.8
CVE-2026-43163 MEDIUM
md/bitmap: fix GPF in write_page caused by resize race
CVSS 4.7
CVE-2026-43121 MEDIUM
io_uring/zcrx: fix user_ref race between scrub and refill paths
CVSS 4.7
CVE-2026-43116 HIGH
netfilter: ctnetlink: ensure safe access to master conntrack
CVSS 7.8
CVE-2026-7846 LOW
chatchat-space Langchain-Chatchat OpenAI-Compatible File Upload API openai_routes.py files toctou
CVSS 2.6
CVE-2026-7724 MEDIUM
PrefectHQ prefect Webhook/Notification validate_restricted_url toctou
CVSS 5.0
CVE-2026-43023 HIGH
Bluetooth: SCO: fix race conditions in sco_sock_connect()
CVSS 7.8
CVE-2026-31761 HIGH
iio: gyro: mpu3050: Move iio_device_register() to correct location
CVSS 7.8
CVE-2026-31751 MEDIUM
comedi: dt2815: add hardware detection to prevent crash
CVSS 4.7
CVE-2026-31728 MEDIUM
usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop
CVSS 4.7
CVE-2026-31700 HIGH
net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd()
CVSS 7.8
CVE-2026-26206 MEDIUM
Wazuh: API brute-force protection bypass via race condition in login attempt tracking
CVSS 6.5
CVE-2026-7351 LOW
Google Chrome <147.0.7727.138 - Info Disclosure
CVSS 3.1
CVE-2026-41913 LOW
OpenClaw < 2026.4.4 - Rate-Limit Bypass via Concurrent Async Authentication Attempts
CVSS 3.7
CVE-2026-3006 HIGH
WinFSP - Race Condition Local Privilege Escalation
CVSS 7.0
CVE-2026-31572 MEDIUM
i2c: designware: amdisp: Fix resume-probe race condition issue
CVSS 4.7
CVE-2026-6921 HIGH
Google Chrome <147.0.7727.117 - Sandbox Escape
CVSS 8.3
CVE-2026-31516 HIGH
xfrm: prevent policy_hthresh.work from racing with netns teardown
CVSS 7.8
CVE-2026-31466 MEDIUM
mm/huge_memory: fix folio isn't locked in softleaf_to_folio()
CVSS 4.7
Details
Vulnerabilities 2,378
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits