...
In many older implementations, the name is a function of process ID and time, so it is possible for the attacker to predict the name and create a decoy in advance. FreeBSD changed the mk*temp() family to eliminate the process ID component of the file name and replace the entire field with base-62 encoded randomness. This raises the number of possible temporary files for the typical use of six X's significantly, meaning that even mktemp() with six X's is reasonably (probabilistically) secure against guessing except under frequent usage [Kennaway 2000].
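As an added illustration (not part of the CERT text), the C code below shows the defensive side of the decoy problem: an exclusive create refuses a file planted under a process-ID-based name, while mkstemp() chooses its own name and creates it exclusively. The /tmp/fio21-demo- prefix, the app.<pid> naming scheme and the function names are assumptions made for this example.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L  /* expose mkstemp() and mkdtemp() */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create path only if nothing (file or symlink) already exists there. */
static int create_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Returns 1 when the decoy is refused and mkstemp() yields a fresh 0600 file. */
int decoy_is_rejected(void) {
    char dir[] = "/tmp/fio21-demo-XXXXXX";        /* constructed sandbox name */
    char guess[128], tmpl[128];
    int ok = 0, fd;
    if (mkdtemp(dir) == NULL) return 0;           /* private 0700 directory */

    /* Old-style name: a function of the process ID, so it can be predicted. */
    snprintf(guess, sizeof guess, "%s/app.%ld", dir, (long)getpid());
    fd = create_exclusive(guess);                 /* stands in for the decoy */
    if (fd >= 0) close(fd);

    /* A later exclusive create must fail rather than reuse the decoy. */
    errno = 0;
    int victim = create_exclusive(guess);
    int refused = (victim == -1 && errno == EEXIST);
    if (victim >= 0) close(victim);

    /* mkstemp() fills in the X's itself and opens with O_CREAT | O_EXCL. */
    snprintf(tmpl, sizeof tmpl, "%s/app.XXXXXX", dir);
    fd = mkstemp(tmpl);
    if (fd >= 0) {
        struct stat st;
        ok = refused && strcmp(tmpl, guess) != 0 &&
             fstat(fd, &st) == 0 && (st.st_mode & 0777) == 0600;
        close(fd);
        unlink(tmpl);
    }
    unlink(guess);
    rmdir(dir);
    return ok;
}

int main(void) { return decoy_is_rejected() ? 0 : 1; }
```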
Exceptions
FIO21-EX1: The Annex K tmpfile_s() function can be used if all the targeted implementations create temporary files in secure directories.
...
CERT C Secure Coding Standard | FIO15-C. Ensure that file operations are performed in a secure directory |
CERT C++ Secure Coding Standard | FIO19-CPP. Do not create temporary files in shared directories |
CERT Oracle Secure Coding Standard for Java | FIO03-J. Remove temporary files before termination |
ISO/IEC TR 24772:2013 | Path Traversal [EWR] |
MITRE CWE | CWE-379, Creation of temporary file in directory with insecure permissions |
...