CWE-416— Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.— MITRE CWE catalog
7,398 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-416page 111 of 148
- CVE-2025-27491HIGHCVSS 7.1EG 7.12025-04-08
Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network.
- CVE-2025-27492HIGHCVSS 7.0EG 7.02025-04-08
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.
- CVE-2025-27578HIGHCVSS 7.5EG 7.52025-05-08
Pixmeo OsiriX MD is vulnerable to a use after free scenario, which could allow an attacker to upload a crafted DICOM file and cause memory corruption leading to a denial-of-service condition.
- CVE-2025-27723MEDIUMCVSS 6.8EG 6.82026-05-12
Use after free for some Linux kernel driver for the Intel(R) Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low comp…
- CVE-2025-27729HIGHCVSS 7.8EG 7.82025-04-08
Use after free in Windows Shell allows an unauthorized attacker to execute code locally.
- CVE-2025-27730HIGHCVSS 7.8EG 7.82025-04-08
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
- CVE-2025-27745HIGHCVSS 7.8EG 7.82025-04-08
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-27746HIGHCVSS 7.8EG 7.82025-04-08
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-27748HIGHCVSS 7.8EG 7.82025-04-08
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-27749HIGHCVSS 7.8EG 7.82025-04-08
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-27750HIGHCVSS 7.8EG 7.82025-04-08
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-27751HIGHCVSS 7.8EG 7.82025-04-08
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-2913LOWCVSS 3.3EG 3.32025-03-28
A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FL__blk_gc_list of the file src/H5FL.c. The manipulation of the argument H5FL_blk_head_t leads to use after free. An at…
- CVE-2025-29699MEDIUMCVSS 6.5EG 6.52025-11-03
NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function.
- CVE-2025-29792HIGHCVSS 7.3EG 7.32025-04-08
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
- CVE-2025-29815HIGHCVSS 7.6EG 7.62025-04-04
Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network.
- CVE-2025-29820HIGHCVSS 7.8EG 7.82025-04-08
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-29823HIGHCVSS 7.8EG 7.82025-04-08
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-29824HIGHCVSS 7.8EG 9.0⚠ KEV2025-04-08
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-29831HIGHCVSS 7.5EG 7.52025-05-13
Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
- CVE-2025-29841HIGHCVSS 7.0EG 7.02025-05-13
Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
- CVE-2025-29970HIGHCVSS 7.8EG 7.82025-05-13
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
- CVE-2025-29977HIGHCVSS 7.8EG 7.82025-05-13
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-29978HIGHCVSS 7.8EG 7.82025-05-13
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
- CVE-2025-30194HIGHCVSS 7.5EG 7.52025-04-29
When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial of service…
- CVE-2025-30232HIGHCVSS 8.1EG 8.12025-03-28
A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges.
- CVE-2025-3028MEDIUMCVSS 6.5EG 6.52025-04-01
JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability was fixed in Firefox 137, Firefox ESR 115.22, Firefox ESR 128.9, Thunderbird 137, and Thunderbird 128.9.
- CVE-2025-3030HIGHCVSS 8.1EG 8.12025-04-01
Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to…
- CVE-2025-30377HIGHCVSS 8.4EG 8.42025-05-13
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-30385HIGHCVSS 7.8EG 7.82025-05-13
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-30386HIGHCVSS 8.4EG 8.42025-05-13
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-30393HIGHCVSS 7.8EG 7.82025-05-13
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-30400HIGHCVSS 7.8EG 9.0⚠ KEV2025-05-13
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
- CVE-2025-30427MEDIUMCVSS 4.3EG 9.82025-03-31
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted we…
- CVE-2025-3066HIGHCVSS 8.8EG 8.82025-04-02
Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2025-31115HIGHCVSS 8.7EG 8.72025-04-03
XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects includ…
- CVE-2025-31197MEDIUMCVSS 5.7EG 5.52025-04-29
The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may caus…
- CVE-2025-31239MEDIUMCVSS 4.3EG 3.32025-05-12
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. Par…
- CVE-2025-31498HIGHCVSS 8.3EG 8.32025-04-08
c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in read_answers() when process_answer() may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not proper…
- CVE-2025-31946MEDIUMCVSS 6.2EG 6.22025-05-08
Pixmeo OsiriX MD is vulnerable to a local use after free scenario, which could allow an attacker to locally import a crafted DICOM file and cause memory corruption or a system crash.
- CVE-2025-3212MEDIUMCVSS 5.3EG 5.32025-09-08
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU memory processing oper…
- CVE-2025-32332HIGHCVSS 7.8EG 7.82025-09-04
In multiple locations, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2025-32701HIGHCVSS 7.8EG 9.0⚠ KEV2025-05-13
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-32709HIGHCVSS 7.8EG 9.0⚠ KEV2025-05-13
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2025-32710HIGHCVSS 8.1EG 8.12025-06-10
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
- CVE-2025-32712HIGHCVSS 7.8EG 7.82025-06-10
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- CVE-2025-33071HIGHCVSS 8.1EG 8.12025-06-10
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
- CVE-2025-33217HIGHCVSS 7.8EG 7.82026-01-28
NVIDIA Display Driver for Windows contains a vulnerability where an attacker could trigger a use after free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of servi…
- CVE-2025-33220HIGHCVSS 7.8EG 7.82026-01-28
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation…
- CVE-2025-3416LOWCVSS 3.7EG 3.72025-04-08
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL trea…
Map vulnerabilities like CWE-416 to your infrastructure
EchelonGraph correlates every CVE — across CWE-416 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →