CWE · MITRE source
CWE-820Missing Synchronization
The product utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource.
If access to a shared resource is not synchronized, then the resource may not be in a state that is expected by the product. This might lead to unexpected or insecure behaviors, especially if an attacker can influence the shared resource.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2025-47154 | 1.9 | 9.0 | 0.0115 | 2025-05-01 |
CVE-2023-2801 | 1.6 | 7.5 | 0.0087 | 2023-06-06 |
CVE-2024-49114 | 1.6 | 7.8 | 0.0032 | 2024-12-12 |
CVE-2026-22163 | 1.6 | 7.8 | 0.0001 | 2026-03-20 |
CVE-2025-1445 | 1.5 | 7.5 | 0.0010 | 2025-03-25 |
CVE-2022-50238 | 1.5 | 7.4 | 0.0005 | 2025-09-08 |
CVE-2023-45084 | 1.4 | 7.0 | 0.0003 | 2023-12-05 |
CVE-2025-47999 | 1.4 | 6.8 | 0.0075 | 2025-07-08 |
CVE-2025-49751 | 1.4 | 6.8 | 0.0045 | 2025-08-12 |
CVE-2024-30387 | 1.3 | 6.5 | 0.0007 | 2024-04-12 |