CWE-362— Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.— MITRE CWE catalog
2,207 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-362page 45 of 45
- CVE-2026-7948HIGHCVSS 7.5EG 7.52026-05-06
Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)
- CVE-2026-7954LOWCVSS 3.1EG 3.12026-05-06
Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2026-7960MEDIUMCVSS 5.3EG 5.32026-05-06
Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity:…
- CVE-2026-8520HIGHCVSS 8.3EG 8.32026-05-14
Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
- CVE-2026-8741LOWCVSS 3.1EG 3.12026-05-17
A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqx_persistent_session_ds.erl of the component QoS 2 PUBLISH Packet Handler. Such manipulation leads to race condition. The att…
- CVE-2026-9831MEDIUMCVSS 6.3EG 6.32026-05-29
A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with an Extreme Platform ONE /IAM-issued API…
- CVE-2026-9959LOWCVSS 3.1EG 3.12026-05-28
Race in WebRTC in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Map vulnerabilities like CWE-362 to your infrastructure
EchelonGraph correlates every CVE — across CWE-362 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →