CWE-416— Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.— MITRE CWE catalog
7,398 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-416page 115 of 148
- CVE-2025-43568HIGHCVSS 7.8EG 7.82025-05-13
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a…
- CVE-2025-43570HIGHCVSS 7.8EG 7.82025-05-13
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a…
- CVE-2025-43571HIGHCVSS 7.8EG 7.82025-05-13
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a…
- CVE-2025-43573HIGHCVSS 7.8EG 7.82025-06-10
Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requir…
- CVE-2025-43574HIGHCVSS 7.8EG 7.82025-06-10
Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requir…
- CVE-2025-43576HIGHCVSS 7.8EG 7.82025-06-10
Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requir…
- CVE-2025-43577HIGHCVSS 7.8EG 7.82025-06-10
Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requir…
- CVE-2025-43589HIGHCVSS 7.8EG 7.82025-06-10
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in…
- CVE-2025-4372HIGHCVSS 8.8EG 8.82025-05-06
Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2025-44906HIGHCVSS 7.8EG 7.82025-05-30
jhead v3.08 was discovered to contain a heap-use-after-free via the ProcessFile function at jhead.c.
- CVE-2025-4516MEDIUMCVSS 5.9EG 5.92025-05-15
There is an issue in CPython when using `bytes.decode("unicode_escape", error="ignore|replace")`. If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop usi…
- CVE-2025-46205HIGHCVSS 8.1EG 8.12025-10-01
A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service (DoS) by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no…
- CVE-2025-46709HIGHCVSS 7.5EG 7.52025-08-09
Possible memory leak or kernel exceptions caused by reading kernel heap data after free or NULL pointer dereference kernel exception.
- CVE-2025-46710MEDIUMCVSS 5.7EG 5.72025-06-16
Possible kernel exceptions caused by reading and writing kernel heap data after free.
- CVE-2025-47106MEDIUMCVSS 5.5EG 5.52025-06-10
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Expl…
- CVE-2025-47164HIGHCVSS 8.4EG 8.42025-06-10
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-47165HIGHCVSS 7.8EG 7.82025-06-10
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-47168HIGHCVSS 7.8EG 7.82025-06-10
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-47170HIGHCVSS 7.8EG 7.82025-06-10
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-47175HIGHCVSS 7.8EG 7.82025-06-10
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
- CVE-2025-47315HIGHCVSS 7.8EG 7.82025-09-24
Memory corruption while handling repeated memory unmap requests from guest VM.
- CVE-2025-47322HIGHCVSS 7.8EG 7.82025-12-18
Memory corruption while handling IOCTL calls to set mode.
- CVE-2025-47327HIGHCVSS 7.8EG 7.82025-09-24
Memory corruption while encoding the image data.
- CVE-2025-47333MEDIUMCVSS 6.6EG 6.62026-01-07
Memory corruption while handling buffer mapping operations in the cryptographic driver.
- CVE-2025-47336MEDIUMCVSS 6.7EG 6.72026-01-07
Memory corruption while performing sensor register read operations.
- CVE-2025-47337MEDIUMCVSS 6.7EG 6.72026-01-07
Memory corruption while accessing a synchronization object during concurrent operations.
- CVE-2025-47339HIGHCVSS 7.8EG 7.82026-01-07
Memory corruption while deinitializing a HDCP session.
- CVE-2025-47342HIGHCVSS 7.1EG 7.12025-10-09
Transient DOS may occur when multi-profile concurrency arises with QHS enabled.
- CVE-2025-47350HIGHCVSS 7.8EG 7.82025-12-18
Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application.
- CVE-2025-47354HIGHCVSS 7.8EG 7.82025-10-09
Memory corruption while allocating buffers in DSP service.
- CVE-2025-47358HIGHCVSS 7.8EG 7.82026-02-02
Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently.
- CVE-2025-47359HIGHCVSS 7.8EG 7.82026-02-02
Memory Corruption when multiple threads simultaneously access a memory free API.
- CVE-2025-47374MEDIUMCVSS 6.5EG 6.52026-04-06
Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling.
- CVE-2025-47398HIGHCVSS 7.8EG 7.82026-02-02
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
- CVE-2025-47917HIGHCVSS 8.9EG 8.92025-07-20
Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtls_x509_string_to_names() takes a head argument that is documented as an output …
- CVE-2025-47957HIGHCVSS 8.4EG 8.42025-06-10
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-47976HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
- CVE-2025-47986HIGHCVSS 8.8EG 8.82025-07-08
Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
- CVE-2025-47991HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.
- CVE-2025-48000HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
- CVE-2025-48004HIGHCVSS 7.4EG 7.42025-10-14
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
- CVE-2025-48008HIGHCVSS 7.5EG 7.52025-10-15
When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. Note: Soft…
- CVE-2025-48521MEDIUMCVSS 6.9EG 6.92026-05-15
Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash.
- CVE-2025-48539HIGHCVSS 8.0EG 8.02025-09-04
In SendPacketToPeer of acl_arbiter.cc, there is a possible out of bounds read due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not nee…
- CVE-2025-48543HIGHCVSS 8.8EG 9.0⚠ KEV2025-09-04
In multiple locations, there is a possible way to escape chrome sandbox to attack android system_server due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interact…
- CVE-2025-48593HIGHCVSS 8.0EG 8.02025-11-18
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed f…
- CVE-2025-48752LOWCVSS 2.9EG 2.92025-05-24
In the process-sync crate 0.2.2 for Rust, the drop function lacks a check for whether the pthread_mutex is unlocked.
- CVE-2025-48769HIGHCVSS 8.1EG 5.32026-01-01
Use After Free vulnerability was discovered in fs/vfs/fs_rename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocat…
- CVE-2025-4878LOWCVSS 3.6EG 3.62025-07-22
A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to pos…
- CVE-2025-48798HIGHCVSS 7.3EG 7.32025-05-27
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and ca…
Map vulnerabilities like CWE-416 to your infrastructure
EchelonGraph correlates every CVE — across CWE-416 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →