TOCTOU - time-of-check to time-of-use. Software bug caused by a race condition. It happens when there is a time gap between checking the state of a part of the system and using the result of that check.

Characteristic of environments where multiple actors have access to the same resources (files, memory). These resources can change between the time of check and the time of use, which makes it difficult to ensure consistent and secure operations.

Also, during this interval, an attacker can alter the state of the system, leading to unauthorized actions or security breaches.

TRIVIA

In 2025, the AWS outage was caused by a TOCTOU race condition in the DNS management for DynamoDB. Outdated DNS plans were being applied after newer ones had already been cleaned up, resulting in the deletion of endpoint IP addresses and widespread service failure.
