Login Sign Up

CWE-377: CWE-377

17
Total CVEs
2
Critical
8
High
7.2
Avg CVSS

Yearly Trend

2026
5
2025
4
2024
2
2023
1
2022
3

Top Affected Vendors

1 Intel 2
2 Apple 2
3 Dell 1
4 Redhat 1
5 Golang 1
6 Robocode 1
7 Jenkins 1
8 Llamaindex 1
9 Versa Networks 1
10 Horovod 1

All CWE-377 CVEs (17)

CVE-2012-2666
9.8

This vulnerability in Go programming language allows local privilege escalation through predictable temporary file creation. The dotest() function in ...

Jul 9, 2021
CVE-2013-4561
9.1

CVE-2013-4561 is a temporary file handling vulnerability in OpenShift's mcollective facts update cron job that allows local attackers to overwrite arb...

Jun 30, 2022
CVE-2018-16494
8.8

This vulnerability in Versa Operating System (VOS) uses an overly permissive umask setting, allowing authorized users to access files and directories ...

May 26, 2021
CVE-2025-14307
8.1

This vulnerability allows attackers to exploit insecure temporary file creation in Robocode's AutoExtract component, potentially leading to arbitrary ...

Dec 9, 2025
CVE-2023-43498
8.1

This vulnerability in Jenkins allows attackers with file system access to read and write temporary files created during file uploads before Jenkins pr...

Sep 20, 2023
CVE-2022-21809
8.1

This vulnerability allows attackers to upload arbitrary malicious files to InHand Networks InRouter302 devices via the upload.cgi functionality. Explo...

May 12, 2022
CVE-2025-46369
7.8

Dell Alienware Command Center versions before 6.10.15.0 have an insecure temporary file vulnerability that allows local low-privileged attackers to es...

Nov 13, 2025
CVE-2025-7707
7.8

The llama_index library version 0.12.33 sets the NLTK data directory to a world-writable location by default, allowing local users to tamper with or d...

Oct 13, 2025
CVE-2026-20649
7.5

This CVE describes a logging vulnerability where sensitive user information was not properly redacted in system logs. Attackers with access to log fil...

Feb 11, 2026
CVE-2022-0315
7.5

CVE-2022-0315 is an insecure temporary file vulnerability in Horovod, a distributed deep learning framework. It allows local attackers to create or ov...

Mar 24, 2022
CVE-2025-14614
6.7

This CVE describes an insecure temporary file vulnerability in Altera Quartus Prime installers on Windows. Attackers can exploit predictable temporary...

Jan 7, 2026
CVE-2025-14612
6.7

This CVE describes an insecure temporary file vulnerability in Altera Quartus Prime Pro Installer on Windows where predictable file names are used. At...

Jan 7, 2026
CVE-2026-20618
5.5

This macOS vulnerability allows applications to access sensitive user data through improper handling of temporary files. It affects macOS systems befo...

Feb 11, 2026
CVE-2024-34490
5.1

This CVE describes an insecure temporary file usage vulnerability in Maxima's plotting facilities. A local attacker can create predictable filenames i...

May 5, 2024
CVE-2025-9474
4.5

This vulnerability in Mihomo Party up to version 1.8.1 on macOS allows local attackers to create temporary files with insecure permissions via the ena...

Aug 26, 2025
CVE-2024-10372
4.5

This vulnerability in the buzz library allows local attackers to manipulate temporary files created during model downloads, potentially leading to fil...

Oct 25, 2024
CVE-2026-25701
N/A

An insecure temporary file vulnerability in openSUSE sdbootutil allows local users to pre-create directories to manipulate sensitive data. This can le...

Feb 25, 2026

About CWE-377 (CWE-377)

Our database tracks 17 CVEs classified as CWE-377, with 2 rated critical and 8 rated high severity. The average CVSS score for CWE-377 vulnerabilities is 7.2.

External reference: View CWE-377 on MITRE CWE →

Monitor CWE-377 Vulnerabilities

Get alerted when new CWE-377 CVEs affect your infrastructure.

Start Monitoring Free