CVE-2026-24191

NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution...

CVE-2026-42346 Postiz: TOCTOU DNS rebinding bypasses all SSRF URL validation paths

Postiz is an AI social media scheduling tool. From version 2.16.6 to before version 2.21.7, all SSRF protections added in v2.21.4–v2.21.6 share a fundamental TOCTOU Time-of-Check-Time-of-Use vulnerability: isSafePublicHttpsUrl resolves DNS to validate the target IP, but subsequent fetch calls...

Manager-io 代码问题漏洞

Manager-io is an open source accounting software from Manager.io. It is available for Windows, Mac and Linux. A code issue vulnerability exists in Manager-io 25.11.1.3085 and prior versions that stems from a TOCTOU condition in the DNS authentication mechanism, which could lead to bypassing netwo...

CVE-2020-14418

A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. This occurs because path redirection can occur via vectors involving directory junctions...