Weaknesses of type CWE-367
504 resultsCVE-2026-34224LOWParse Server: MFA single-use token bypass via concurrent authData login requestsEPSS 0.3%CVE-2026-25052CRITICALn8n Improper File Access Controls Allow Arbitrary File Read by Authenticated UsersEPSS 0.3%CVE-2026-26017HIGHCoreDNS ACL BypassEPSS 0.3%CVE-2024-51563MEDIUMbhyve(8) virtio_vq_recordon time-of-check to time-of-use raceEPSS 0.3%CVE-2025-71215HIGHA time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent iCore service signature verification could allow a local aEPSS 0.3%CVE-2026-45208HIGHA time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installaEPSS 0.3%CVE-2021-31422HIGHThis vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker muEPSS 0.3%CVE-2025-67124MEDIUMA TOCTOU and symlink race in svenstaro/miniserve 0.32.0 upload finalization (when uploads are enabled) can allow an attacker to overwrite arEPSS 0.3%CVE-2022-1537HIGHfile.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in gruntjs/gruntEPSS 0.3%CVE-2026-20831HIGHWindows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-50631HIGHApache CXF: OAuth2: TOCTOU Race Condition in Refresh Token ProcessingEPSS 0.3%CVE-2025-64180CRITICALManager-io/Manager: Complete Bypass of SSRF Protection via Time-of-Check Time-of-Use (TOCTOU)EPSS 0.3%CVE-2025-53134HIGHWindows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-21191HIGHWindows Local Security Authority (LSA) Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2022-36929HIGHLocal Privilege Escalation in Zoom Rooms for Windows ClientsEPSS 0.3%CVE-2023-2007—The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations EPSS 0.3%CVE-2020-8016MEDIUMrace condition in the packaging of texlive-filesystenEPSS 0.3%CVE-2026-25728CRITICALClipBucket v5 Affected by Remote Code Execution via Avatar/Background File Upload Race ConditionEPSS 0.3%CVE-2026-1035LOWOrg.keycloak.protocol.oidc: keycloak refresh token reuse bypass via toctou race conditionEPSS 0.3%CVE-2025-62004HIGHBullWall Server Intrusion Protection (SIP) initialization race conditionEPSS 0.3%