CWE-379— Creation of Temporary File in Directory with Insecure Permissions

54 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-379page 2 of 2

CVE-2025-33111MEDIUMCVSS 4.3EG 4.3
2025-12-08
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is vulnerable to creation of temporary files without atomic operations which may expose sensitive information to an authenticated user due to race con…
CVE-2025-64896MEDIUMCVSS 5.5EG 5.5
2025-12-09
Creative Cloud Desktop versions 6.4.0.361 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could lead to application denial-of-service. An attacker could exploit this vulne…
CVE-2025-71176MEDIUMCVSS 6.8EG 6.8
2026-01-22
pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-{user} name pattern, which allows local users to cause a denial of service or possibly gain privileges.
CVE-2026-42191MEDIUMCVSS 6.5EG 6.5
2026-05-12
OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP (OpenTelemetry Protocol) exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTemp…

Map vulnerabilities like CWE-379 to your infrastructure

EchelonGraph correlates every CVE — across CWE-379 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →