Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-367

CWE-367

Medium likelihood

Time-of-check Time-of-use (TOCTOU) Race Condition

Parent: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

589 vulnerabilities with CWE-367

CVE-2026-1880 MEDIUM

Asus DriverHub < 1.0.6.12 - Privilege Escalation

CVE-2026-3590 MEDIUM

Race Condition in Guest Magic Link Authentication Allows Token Reuse

CVE-2026-32093 HIGH

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

CVE-2026-27929 HIGH

Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability

CVE-2026-33659 LOW

EspoCRM: SSRF via DNS Rebinding in Attachment fromImageUrl Endpoint Allows Internal Network Access

CVE-2026-35648 LOW

OpenClaw < 2026.3.22 - Policy Bypass via Unvalidated Queued Node Actions

CVE-2026-4878 MEDIUM

Libcap: libcap: privilege escalation via toctou race condition in cap_set_file()

CVE-2026-32602 MEDIUM

Homarr has a Race Condition in Invite Token Registration (TOCTOU)

CVE-2026-27456 MEDIUM

util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup

CVE-2026-30332 HIGH

Balena Etcher for Windows <2.1.4 - Privilege Escalation

CVE-2026-34452 MEDIUM

Claude SDK for Python: Memory Tool Path Validation Race Condition Allows Sandbox Escape

CVE-2026-34224 MEDIUM

Parse Server: MFA single-use token bypass via concurrent authData login requests

CVE-2026-32988 HIGH

OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Unvalidated Temporary File Creation

CVE-2026-32977 MEDIUM

OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Unanchored writeFile Commit Path

CVE-2026-32921 MEDIUM

OpenClaw < 2026.3.8 - Script Content Modification via Mutable Operand Binding in system.run

CVE-2026-25704 MEDIUM

Incomplete privilege drop for com.system76.CosmicGreeter.GetUserData

CVE-2026-33574 MEDIUM

OpenClaw < 2026.3.8 - Path Traversal via Tools Root Rebinding in Skills Download

CVE-2026-32979 HIGH

OpenClaw < 2026.3.11 - Unbound Interpreter and Runtime Commands Bypass in node-host Approval

CVE-2026-33624 LOW

Parse Server: MFA recovery code single-use bypass via concurrent requests

CVE-2026-23554 HIGH

Use after free of paging structures in EPT

CVE-2026-32043 MEDIUM

OpenClaw < 2026.2.25 - Time-of-Check-Time-of-Use via Mutable Symlink in system.run cwd Parameter

CVE-2026-31997 MEDIUM

OpenClaw < 2026.3.1 - Executable Rebind via Unbound PATH-token in system.run Approvals

CVE-2026-27670 MEDIUM

OpenClaw < 2026.3.2 - Arbitrary File Write via ZIP Extraction Parent Symlink Race Condition

CVE-2026-32943 LOW

Parse Server has a password reset token single-use bypass via concurrent requests

CVE-2026-27545 MEDIUM

OpenClaw < 2026.2.26 - Approval Bypass via Parent Symlink Current Working Directory Rebind

Previous Page 2 of 24 Next

Details

Vulnerabilities 589

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy