2 matches found
CVE-2026-35360
The touch utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file creation. When the utility identifies a missing path, it later attempts creation using File::create, which internally uses OTRUNC. An attacker can exploit this window to create ...
GHSA-QMGC-5H2G-MVRW filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock
Vulnerability Summary Title: Time-of-Check-Time-of-Use TOCTOU Symlink Vulnerability in SoftFileLock Affected Component: filelock package - SoftFileLock class File: src/filelock/soft.py lines 17-27 CWE: CWE-362, CWE-367, CWE-59 --- Description A TOCTOU race condition vulnerability exists in the...