CVE Database

4+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS

4 results for "CWE-367"

CVE-2026-37531
9.8 CRITICAL

AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation flow. The …

May 1, 2026
CVE-2025-62511
6.3 MEDIUM

yt-grabber-tui is a C++ terminal user interface application for downloading YouTube content. yt-grabber-tui version 1.0 contains a Time-of-Check to Time-of-Use (TOCTOU) race condition (CWE-367) in …

Oct 17, 2025
CVE-2025-7647
7.3 HIGH

The llama-index-core package, up to version 0.12.44, contains a vulnerability in the `get_cache_dir()` function where a predictable, hardcoded directory path `/tmp/llama_index` is used on Linux …

Sep 27, 2025
CVE-2024-5558
6.4 MEDIUM

CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists that could cause escalation of privileges when an attacker abuses a limited admin account.

Jun 12, 2024

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.

Website Scanner Port Scanner