CWE-820: Missing Synchronization
The product utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource.
Last updated
Overview
If access to a shared resource is not synchronized, then the resource may not be in a state that is expected by the product. This might lead to unexpected or insecure behaviors, especially if an attacker can influence the shared resource.
Real-world CVEs
13 recorded CVEs are caused by CWE-820 (Missing Synchronization). The highest-severity and most recent are shown first. 4 new CWE-820 CVEs have been recorded so far in 2026 (5 in 2025).