Company
Date Published
Author
G. Ann Campbell
Word count
502
Language
English

Summary

TOCTOU (Time Of Check To Time Of Use) is a race condition in which an attacker exploits the window between the moment a program checks a file's existence and permissions and the moment it operates on that file. It has been shown to be exploitable even on modern operating systems, where the interval between check and use is small. Researchers have demonstrated that TOCTOU attacks can succeed 85% of the time, even with short intervals, and that they can be amplified using an attack called a "filesystem maze". Developers therefore benefit from rules that detect TOCTOU vulnerabilities in their code, such as SonarQube's new rule S5847, which is now available on SonarCloud and SonarQube 8.5+. To mitigate the issue, developers can use atomic operations, or grab a file descriptor during the check phase so that the check and the use refer to the same file.