CWE-401— Missing Release of Memory after Effective Lifetime (Memory Leak)
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.— MITRE CWE catalog
1,801 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-401page 32 of 37
- CVE-2026-20021MEDIUMCVSS 4.3EG 4.32026-03-04
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, adjacent attacker to exhaust memory on an affect…
- CVE-2026-20105HIGHCVSS 7.7EG 7.72026-03-04
A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with a valid VPN…
- CVE-2026-20106MEDIUMCVSS 5.3EG 5.32026-03-04
A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remo…
- CVE-2026-20746MEDIUMCVSS 6.3EG 6.32026-06-12
Virtual attribute handling in Ping Identity PingDirectory in affected versions allows only authorized users to exhaust java memory heap when recent login history is enabled and copying virtual attributes that reference ds-privilege-name v…
- CVE-2026-21438MEDIUMCVSS 5.3EG 5.32026-02-12
webtransport-go is an implementation of the WebTransport protocol. Prior to 0.10.0, an attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an inter…
- CVE-2026-21674LOWCVSS 3.3EG 3.32026-01-06
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below contain a memory leak vulnerability in its XML MPE Parsing Path (iccFromXml). This issue is fixed in version 2.3.1.1.
- CVE-2026-21909MEDIUMCVSS 6.5EG 6.52026-01-15
A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated attacker controlling an adjacent IS-IS neighbor to send a spec…
- CVE-2026-22024MEDIUMCVSS 5.3EG 5.32026-01-10
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to…
- CVE-2026-22025LOWCVSS 3.7EG 3.72026-01-10
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to…
- CVE-2026-22979MEDIUMCVSS 5.5EG 5.52026-01-23
In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skb_segment_list for GRO packets When skb_segment_list() is called during packet forwarding, it handles packets that were aggregated by the GRO e…
- CVE-2026-23021CVSS 0.0EG 5.52026-01-31
In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in update_eth_regs_async() When asynchronously writing to the device registers and if usb_submit_urb() fail, the code fail to release …
- CVE-2026-23022MEDIUMCVSS 5.5EG 5.52026-01-31
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpf_vc_core_deinit() Make sure to free hw->lan_regs. Reported by kmemleak during reset: unreferenced object 0xff1b913d02a936c0 (size 96): co…
- CVE-2026-23023MEDIUMCVSS 5.5EG 5.52026-01-31
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpf_vport_rel() Free vport->rx_ptype_lkup in idpf_vport_rel() to avoid leaking memory during a reset. Reported by kmemleak: unreferenced objec…
- CVE-2026-23024MEDIUMCVSS 5.5EG 5.52026-01-31
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak of flow steer list on rmmod The flow steering list maintains entries that are added and removed as ethtool creates and deletes flow steering rules.…
- CVE-2026-23026MEDIUMCVSS 5.5EG 5.52026-01-31
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could…
- CVE-2026-23061CVSS 0.0EG 5.52026-02-04
In the Linux kernel, the following vulnerability has been resolved: can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fi…
- CVE-2026-23065MEDIUMCVSS 5.5EG 5.52026-02-04
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix memory leak in wbrf_record() The tmp buffer is allocated using kcalloc() but is not freed if acpi_evaluate_dsm() fails. This causes a memory leak i…
- CVE-2026-23072MEDIUMCVSS 5.5EG 5.52026-02-04
In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tp_udp_encap_recv(). syzbot reported memleak of struct l2tp_session, l2tp_tunnel, sock, etc. [0] The cited commit moved down the validation of th…
- CVE-2026-23075MEDIUMCVSS 5.5EG 5.52026-02-04
In the Linux kernel, the following vulnerability has been resolved: can: esd_usb: esd_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB …
- CVE-2026-23079MEDIUMCVSS 5.5EG 5.52026-02-04
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Fix resource leaks on errors in lineinfo_changed_notify() On error handling paths, lineinfo_changed_notify() doesn't free the allocated resources which resul…
- CVE-2026-23080MEDIUMCVSS 5.5EG 5.52026-02-04
In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix UR…
- CVE-2026-23087MEDIUMCVSS 5.5EG 5.52026-02-04
In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fix potential memory leak in scsiback_remove() Memory allocated for struct vscsiblk_info in scsiback_probe() is not freed in scsiback_remove() leadi…
- CVE-2026-23091CVSS 0.0EG 5.52026-02-04
In the Linux kernel, the following vulnerability has been resolved: intel_th: fix device leak on output open() Make sure to drop the reference taken when looking up the th device during output device open() on errors and on close(). Not…
- CVE-2026-23095HIGHCVSS 7.5EG 5.52026-02-04
In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. [0] The repro generated a GUE packet with its inner protocol 0. gue_udp_recv() return…
- CVE-2026-23108CVSS 0.0EG 5.52026-02-04
In the Linux kernel, the following vulnerability has been resolved: can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix UR…
- CVE-2026-23137MEDIUMCVSS 5.5EG 5.52026-02-14
In the Linux kernel, the following vulnerability has been resolved: of: unittest: Fix memory leak in unittest_data_add() In unittest_data_add(), if of_resolve_phandles() fails, the allocated unittest_data is not freed, leading to a memor…
- CVE-2026-23145CVSS 0.0EG 5.52026-02-14
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref The error branch for ext4_xattr_inode_update_ref forget to release the refcount for iloc.bh. Find this when review …
- CVE-2026-23147MEDIUMCVSS 5.5EG 5.52026-02-14
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix the folio leak on S390 hardware acceleration [BUG] After commit aa60fe12b4f4 ("btrfs: zlib: refactor S390x HW acceleration buffer preparation"), we no l…
- CVE-2026-23150MEDIUMCVSS 5.5EG 5.52026-02-14
In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame(). syzbot reported various memory leaks related to NFC, struct nfc_llcp_sock, sk_buff, nfc_dev, etc. [0] The leading lo…
- CVE-2026-23151MEDIUMCVSS 5.5EG 5.52026-02-14
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix memory leak in set_ssp_complete Fix memory leak in set_ssp_complete() where mgmt_pending_cmd structures are not freed after being removed from the p…
- CVE-2026-23160MEDIUMCVSS 5.5EG 5.52026-02-14
In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Fix memory leak in octep_device_setup() In octep_device_setup(), if octep_ctrl_net_init() fails, the function returns directly without unmapping the mapped re…
- CVE-2026-23164CVSS 0.0EG 5.52026-02-14
In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rocker_world_port_post_fini() In rocker_world_port_pre_init(), rocker_port->wpriv is allocated with kzalloc(wops->port_priv_size, GFP_KERNEL).…
- CVE-2026-23170MEDIUMCVSS 5.5EG 5.52026-02-14
In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure (e.g. probe deferral) and on driver unbind.
- CVE-2026-23172HIGHCVSS 8.4EG 5.52026-02-14
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb->frags overflow in RX path When receiving data in the DPMAIF RX path, the t7xx_dpmaif_set_frag_to_skb() function adds page fragments t…
- CVE-2026-23190MEDIUMCVSS 5.5EG 5.52026-02-14
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: fix memory leak in acp3x pdm dma ops
- CVE-2026-23205MEDIUMCVSS 5.5EG 5.52026-02-14
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2_open_file() Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //${server_ip}/export /mnt 3. c…
- CVE-2026-23228MEDIUMCVSS 5.5EG 5.52026-02-18
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() On kthread_run() failure in ksmbd_tcp_new_connection(), the transport is freed via free_transport(…
- CVE-2026-23258MEDIUMCVSS 5.5EG 5.52026-03-18
In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setup_nic_devices(), the netdev is allocated using alloc_etherdev_mq(). However, the pointer to this struc…
- CVE-2026-23260MEDIUMCVSS 5.5EG 5.52026-03-18
In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on mas_store_gfp() failure regcache_maple_write() allocates a new block ('entry') to merge adjacent ranges and then stores it with mas_store_gf…
- CVE-2026-23261MEDIUMCVSS 5.5EG 5.52026-03-18
In the Linux kernel, the following vulnerability has been resolved: nvme-fc: release admin tagset if init fails nvme_fabrics creates an NVMe/FC controller in following path: nvmf_dev_write() -> nvmf_create_ctrl() -> nv…
- CVE-2026-23263MEDIUMCVSS 5.5EG 5.52026-03-18
In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix page array leak d9f595b9a65e ("io_uring/zcrx: fix leaking pages on sg init fail") fixed a page leakage but didn't free the page array, release it as w…
- CVE-2026-23297MEDIUMCVSS 5.5EG 5.52026-03-25
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit(). syzbot reported memory leak of struct cred. [0] nfsd_nl_threads_set_doit() passes get_current_cred() to nfsd_svc(…
- CVE-2026-23330MEDIUMCVSS 5.5EG 5.52026-03-25
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: complete pending data exchange on device close In nci_close_device(), complete any pending data exchange before closing. The data exchange callback (e.g. rawso…
- CVE-2026-23335MEDIUMCVSS 5.5EG 5.52026-03-25
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() struct irdma_create_ah_resp { // 8 bytes, no padding __u32 ah_id; // offset 0 - SET (uresp…
- CVE-2026-23337MEDIUMCVSS 5.5EG 5.52026-03-25
In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config() In pinconf_generic_parse_dt_config(), if parse_dt_cfg() fails, it returns directly. This b…
- CVE-2026-23339MEDIUMCVSS 5.5EG 5.52026-03-25
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on nci_transceive early error paths nci_transceive() takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths…
- CVE-2026-23350HIGHCVSS 7.8EG 7.82026-03-25
In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queu…
- CVE-2026-23352MEDIUMCVSS 5.5EG 5.52026-03-25
In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efi_free_boot_services() frees memory occupied by EFI_BOOT_SERVICES_CODE and EFI_BOOT_SERVICES_DATA using memblock_free_la…
- CVE-2026-23360MEDIUMCVSS 5.5EG 5.52026-03-25
In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin queue leak on controller reset When nvme_alloc_admin_tag_set() is called during a controller reset, a previous admin queue may still exist. Release it pr…
- CVE-2026-23384MEDIUMCVSS 5.5EG 5.52026-03-25
In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix kernel stack leak in ionic_create_cq() struct ionic_cq_resp resp { __u32 cqid[2]; // offset 0 - PARTIALLY SET (see below) __u8 udma_mask…
Map vulnerabilities like CWE-401 to your infrastructure
EchelonGraph correlates every CVE — across CWE-401 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →