Threats Tagged 'cwe-362'
View all threats tagged with 'cwe-362'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cwe-362'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-48505: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in filamentphp filamentCVE-2026-48505 0 A race condition vulnerability exists in filamentphp's filament affecting versions from 4.0.0 up to but not including 4.11.5 and 5.6.5. The flaw allows reuse of app-based multi-factor authentication recovery codes via concurrent submissions, enabling multiple authenticated sessions per recovery code. This issue only applies when recovery codes are enabled and does not affect email-based MFA. The vulnerability is fixed in versions 4.11.5 and 5.6.5. Join the discussion | CVE Database V5 | 06/22/2026, 21:39:26 UTC Added: 06/22/2026, 22:09:29 UTC |
CVE-2026-48982: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in mcdope pam_usbCVE-2026-48982 0 pam_usb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, when updating a one-time pad file, a temporary file is created using open() without the O_EXCL flag. Without O_EXCL, the create operation is not atomic: two concurrent processes racing to update the same pad may both succeed in opening the file, with the second write silently overwriting the first. The one-time pad is the core replay-prevention mechanism of pam_usb. A successful race could result in the stored pad value diverging from what either process expected, potentially causing authentication failures or, in a precisely timed attack, creating a window for pad reuse. This issue has been fixed in version 0.9.2. Join the discussion | CVE Database V5 | 06/18/2026, 19:01:08 UTC Added: 06/18/2026, 19:51:23 UTC |
CVE-2025-15546: CWE-362 Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization) in Iptanus File UploadCVE-2025-15546 0 The Iptanus File Upload WordPress plugin before 5.1.7 does not implement proper file handling when the duplicatepolicy setting is configured to "maintain both." Due to a Time-of-Check to Time-of-Use (TOCTOU) race condition between the file existence check and the actual file write operation, an authenticated attacker can overwrite files uploaded by other users. Join the discussion | CVE Database V5 | 06/14/2026, 06:00:03 UTC Added: 06/14/2026, 07:24:24 UTC |
CVE-2026-44693: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pi-hole FTLCVE-2026-44693 0 Pi-hole FTL versions prior to 6.6.1 contain a race condition vulnerability in the HTTP session management subsystem. This flaw was introduced with the version 6.0 rewrite of the embedded CivetWeb-based web server. The vulnerability allows concurrent execution using a shared resource with improper synchronization, potentially leading to high impact on confidentiality, integrity, and availability. The issue has been patched in version 6.6.1. Join the discussion | CVE Database V5 | 06/10/2026, 22:11:29 UTC Added: 06/10/2026, 22:32:03 UTC |
CVE-2026-45603: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in Microsoft Windows 10 Version 1607CVE-2026-45603 0 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Join the discussion | CVE Database V5 | 06/09/2026, 17:05:40 UTC Added: 06/09/2026, 17:27:00 UTC |
CVE-2026-45601: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in Microsoft Windows 10 Version 1607CVE-2026-45601 0 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Join the discussion | CVE Database V5 | 06/09/2026, 17:05:34 UTC Added: 06/09/2026, 17:27:00 UTC |
CVE-2026-45598: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in Microsoft Windows 10 Version 1607CVE-2026-45598 0 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Join the discussion | CVE Database V5 | 06/09/2026, 17:05:34 UTC Added: 06/09/2026, 17:26:57 UTC |
CVE-2026-45597: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in Microsoft Windows 11 version 23H2CVE-2026-45597 0 Concurrent execution using shared resource with improper synchronization ('race condition') in UI Automation Manager (uiamanager.dll) allows an authorized attacker to elevate privileges locally. Join the discussion | CVE Database V5 | 06/09/2026, 17:05:33 UTC Added: 06/09/2026, 17:26:57 UTC |
CVE-2026-45596: CWE-416: Use After Free in Microsoft Windows 10 Version 1607CVE-2026-45596 0 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Join the discussion | CVE Database V5 | 06/09/2026, 17:05:36 UTC Added: 06/09/2026, 17:26:57 UTC |
CVE-2026-44818: CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in Microsoft Microsoft 365 Apps for EnterpriseCVE-2026-44818 0 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Join the discussion | CVE Database V5 | 06/09/2026, 17:04:32 UTC Added: 06/09/2026, 17:26:41 UTC |
Showing 1 to 10 of 27 results