Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CWE-840 (业务逻辑错误) — Vulnerability Class 86

86 vulnerabilities classified as CWE-840 (业务逻辑错误). AI Chinese analysis included.

This page documents vulnerabilities categorized under the Common Weakness Enumeration type CWE-840, also known as Race Condition. It serves as a centralized aggregation hub for security researchers and software developers seeking to understand the implications of timing-dependent errors in software systems. The content collected here spans a broad historical range, encompassing vulnerability disclosures from early instances of the weakness up to recent years, ensuring a comprehensive view of how this specific class of bugs has manifested across different eras of software development. By accessing this resource, users can systematically track vendor security advisories that address race condition flaws, allowing for better assessment of risk exposure in their own environments. The page also facilitates a deeper understanding of the CWE-840 weakness class itself, providing context on the technical mechanisms that lead to such errors, such as improper synchronization of shared resources. Additionally, readers can look up individual products to view their specific vulnerability history related to timing races, helping identify legacy systems or components that may still be susceptible to exploitation if proper mitigations have not been applied. This structured approach helps prioritize remediation efforts by highlighting which products have been most frequently affected by this particular weakness type over time, supporting informed decision-making regarding patch management and code review processes for concurrent programming scenarios.

CVE IDTitleCVSSSeverityPublished
CVE-2026-13571 SourceCodester Simple Food Ordering System cart.php logic error — Simple Food Ordering System 5.3 Medium2026-06-29
CVE-2026-41973 Huawei EMUI和Huawei HarmonyOS 安全漏洞 — HarmonyOS 5.9 Medium2026-06-09
CVE-2026-11465 songquanpeng one-api Redemption Code Top-Up Endpoint redemption.go Redeem logic error — one-api 3.1 Low2026-06-07
CVE-2026-8738 Sanluan PublicCMS Trade Payment Flow TradeOrderController.java AccountGatewayComponent.pay logic error — PublicCMS 6.5 Medium2026-05-17
CVE-2026-41968 Huawei HarmonyOS 安全漏洞 — HarmonyOS 5.9 Medium2026-05-15
CVE-2026-41967 Huawei HarmonyOS 安全漏洞 — HarmonyOS 5.9 Medium2026-05-15
CVE-2026-41966 Huawei HarmonyOS 安全漏洞 — HarmonyOS 5.6 Medium2026-05-15
CVE-2026-41961 Huawei EMUI和Huawei HarmonyOS 安全漏洞 — HarmonyOS 5.9 Medium2026-05-15
CVE-2026-41971 Huawei HarmonyOS 安全漏洞 — HarmonyOS 5.5 Medium2026-05-15
CVE-2026-41965 Huawei HarmonyOS 安全漏洞 — HarmonyOS 5.6 Medium2026-05-15
CVE-2026-1322 Business Logic Errors in GitLab — GitLab 6.8 Medium2026-05-14
CVE-2026-1274 IBM Guardium Data Protection is affected by multiple vulnerabilities — Guardium Data Protection 4.9 Medium2026-04-22
CVE-2026-5812 SourceCodester Pharmacy Product Management System POST Parameter add-sales.php logic error — Pharmacy Product Management System 5.4 Medium2026-04-08
CVE-2026-5811 SourceCodester Online Food Ordering System POST Parameter Actions.php save_product logic error — Online Food Ordering System 5.4 Medium2026-04-08
CVE-2026-4547 mickasmt next-saas-stripe-starter Checkout generate-user-stripe.ts generateUserStripe logic error — next-saas-stripe-starter 4.3 Medium2026-03-22
CVE-2026-28550 Huawei HarmonyOS 竞争条件问题漏洞 — HarmonyOS 4.0 Medium2026-03-05
CVE-2026-1600 Bdtask Bhojon All-In-One Restaurant Management System Add-to-Cart Submission Endpoint addtocart logic error — Bhojon All-In-One Restaurant Management System 4.3 Medium2026-01-29
CVE-2026-1599 Bdtask Bhojon All-In-One Restaurant Management System Checkout placeorder logic error — Bhojon All-In-One Restaurant Management System 4.3 Medium2026-01-29
CVE-2025-14559 Org.keycloak/keycloak-services: keycloak keycloak-services: business logic flaw allows unauthorized token issuance for disabled users — Red Hat build of Keycloak 26.4 6.5 Medium2026-01-21
CVE-2025-6601 Business Logic Errors in GitLab — GitLab 2.7 Low2025-10-27
CVE-2025-58289 Huawei HarmonyOS 安全漏洞 — HarmonyOS 5.9 Medium2025-10-11
CVE-2025-10868 Business Logic Errors in GitLab — GitLab 3.5 Low2025-09-26
CVE-2025-8991 linlinjava litemall Business Logic express logic error — litemall 4.3 Medium2025-08-15
CVE-2025-54611 Huawei HarmonyOS和Huawei EMUI 安全漏洞 — HarmonyOS 7.3 High2025-08-06
CVE-2025-54606 Huawei HarmonyOS 安全漏洞 — HarmonyOS 7.3 High2025-08-06
CVE-2025-2938 Business Logic Errors in GitLab — GitLab 3.1 Low2025-06-26
CVE-2025-4037 code-projects ATM Banking moneyWithdraw logic error — ATM Banking 4.4 Medium2025-04-28
CVE-2025-1908 Business Logic Errors in GitLab — GitLab 7.7 High2025-04-24
CVE-2024-6577 Unclaimed S3 Bucket Usage in pytorch/serve — pytorch/serve 9.1 -2025-03-20
CVE-2025-2321 274056675 springboot-openai-chatgpt addData logic error — springboot-openai-chatgpt 6.3 Medium2025-03-15

Vulnerabilities classified as CWE-840 (业务逻辑错误) represent 86 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.