By weakness (CWE)
CWE-362: related vulnerabilities
CVEs classified under CWE-362. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
4 published vulnerabilities
- CVE-2026-10940HIGH 8.3
A race condition vulnerability in Chrome's media codec handling allows an attacker who has already compromised Chrome's renderer process to escape the browser sandbox on Windows systems. The attacker would need to trick a user into visiting a specially crafted website, but once the renderer is compromised, this flaw could give the attacker full system-level access. Chrome versions before 149.0.7827.53 on Windows are affected.
- CVE-2026-46157HIGH 7.8
A concurrency bug exists in the Linux kernel's ALSA (Advanced Linux Sound Architecture) OSS (Open Sound System) compatibility layer. When multiple processes try to access and modify the trigger control bit simultaneously, the kernel lacks proper synchronization, allowing writes to corrupt not just the intended trigger flag but adjacent bit fields in memory. This confusion can destabilize audio subsystem behavior. The vulnerability requires local access and privileges to trigger.
- CVE-2026-10006HIGH 7.5
A race condition in Google Chrome's WebAudio component allows attackers to execute arbitrary code within the browser sandbox by serving a specially crafted HTML page to a user. The vulnerability requires user interaction (clicking or navigating to the malicious page) but does not require special privileges. Successfully exploiting this issue could allow an attacker to run code with the permissions of the Chrome process, potentially leading to data theft, malware installation, or further system compromise.
- CVE-2026-10565LOW 3.1
A race condition vulnerability has been discovered in Open5GS versions up to 2.7.6 that affects the NGAP Handover security mode processing function. The flaw allows an authenticated attacker to trigger a timing-dependent race condition that results in a denial-of-service condition. While a public exploit exists, successful exploitation requires specific conditions and careful timing, making real-world attacks difficult to execute reliably.