CWE-366: CWE-366

Total CVEs

Critical

High

7.7

Avg CVSS

Yearly Trend

2026

2025

2023

2021

Top Affected Vendors

1 Synology 1

2 Linux 1

3 Fedoraproject 1

4 Redhat 1

5 Sap 1

6 Outray 1

7 Ivanti 1

8 Xen 1

All CWE-366 CVEs (6)

CVE-2025-58143

9.8

CVE-2025-58143 is a race condition vulnerability in Xen's viridian code that allows a malicious guest VM to cause Xen to free a memory page while it's...

Sep 11, 2025

CVE-2021-26569

9.8

A race condition vulnerability in Synology DiskStation Manager's iSCSI snapshot component allows remote attackers to execute arbitrary code via crafte...

Mar 12, 2021

CVE-2024-10630

7.8

A race condition vulnerability in Ivanti Application Control Engine allows authenticated local attackers to bypass application blocking controls. This...

Jan 14, 2025

CVE-2023-6546

7.0

This CVE describes a race condition vulnerability in the Linux kernel's GSM 0710 tty multiplexor. It allows a local unprivileged user to trigger a use...

Dec 21, 2023

CVE-2026-23684

5.9

A race condition vulnerability in SAP Commerce Cloud allows attackers to manipulate cart entries during product addition, potentially enabling checkou...

Feb 10, 2026

CVE-2026-22819

5.9

Outray versions before 0.1.5 contain a race condition vulnerability where free plan users can bypass subdomain limits due to missing database transact...

Jan 14, 2026

About CWE-366 (CWE-366)

Our database tracks 6 CVEs classified as CWE-366, with 2 rated critical and 2 rated high severity. The average CVSS score for CWE-366 vulnerabilities is 7.7.

External reference: View CWE-366 on MITRE CWE →

Monitor CWE-366 Vulnerabilities

Get alerted when new CWE-366 CVEs affect your infrastructure.

Start Monitoring Free