CWE-416— Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.— MITRE CWE catalog
7,398 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-416page 116 of 148
- CVE-2025-48806HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
- CVE-2025-48821HIGHCVSS 7.1EG 7.12025-07-08
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.
- CVE-2025-48945HIGHCVSS 8.2EG 8.22025-06-20
pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously. Prior to version 4.9.0, pycares is vulnerable to a use-after-free condition that occurs…
- CVE-2025-49014MEDIUMCVSS 5.5EG 5.52025-06-19
jq is a command-line JSON processor. In version 1.8.0 a heap use after free vulnerability exists within the function f_strflocaltime of /src/builtin.c. This issue has been patched in commit 499c91b, no known fix version exists at time of p…
- CVE-2025-49561HIGHCVSS 7.8EG 7.82025-08-12
Animate versions 23.0.12, 24.0.9 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi…
- CVE-2025-49562MEDIUMCVSS 5.5EG 5.52025-08-12
Animate versions 23.0.12, 24.0.9 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- CVE-2025-49568MEDIUMCVSS 5.5EG 5.52025-08-12
Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious f…
- CVE-2025-49660HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
- CVE-2025-49665HIGHCVSS 7.8EG 7.82025-07-08
Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.
- CVE-2025-49675HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-49677HIGHCVSS 7.0EG 7.02025-07-08
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
- CVE-2025-49682HIGHCVSS 7.3EG 7.32025-07-08
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.
- CVE-2025-49685HIGHCVSS 7.0EG 7.02025-07-08
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
- CVE-2025-49695HIGHCVSS 8.4EG 8.42025-07-08
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-49698HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-49699HIGHCVSS 7.0EG 7.02025-07-08
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-49700HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-49703HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-49708CRITICALCVSS 9.9EG 9.92025-10-14
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network.
- CVE-2025-49711HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-49724HIGHCVSS 8.8EG 8.82025-07-08
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.
- CVE-2025-49725HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
- CVE-2025-49726HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
- CVE-2025-49733HIGHCVSS 7.8EG 7.82025-07-08
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
- CVE-2025-49735HIGHCVSS 8.1EG 8.12025-07-08
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
- CVE-2025-49743MEDIUMCVSS 6.7EG 6.72025-08-12
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
- CVE-2025-49761HIGHCVSS 7.8EG 7.82025-08-12
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
- CVE-2025-49844CRITICALCVSS 9.9EG 9.92025-10-03
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lea…
- CVE-2025-50153HIGHCVSS 7.8EG 7.82025-08-12
Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.
- CVE-2025-50159HIGHCVSS 7.3EG 7.32025-08-12
Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally.
- CVE-2025-50167HIGHCVSS 7.0EG 7.02025-08-12
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
- CVE-2025-50174HIGHCVSS 7.0EG 7.02025-10-14
Use after free in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
- CVE-2025-50175HIGHCVSS 7.8EG 7.82025-10-14
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
- CVE-2025-50177HIGHCVSS 8.1EG 8.12025-08-12
Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network.
- CVE-2025-5036HIGHCVSS 7.8EG 7.82025-06-02
A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in th…
- CVE-2025-50518CRITICALCVSS 9.8EG 9.82025-08-14
A use-after-free vulnerability exists in the coap_delete_pdu_lkd function within coap_pdu.c of the libcoap library. This issue occurs due to improper handling of memory after the freeing of a PDU object, leading to potential memory corrupt…
- CVE-2025-5063HIGHCVSS 8.8EG 8.82025-05-27
Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2025-5068HIGHCVSS 8.8EG 8.82025-06-03
Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2025-5100HIGHCVSS 8.0EG 8.02025-05-23
A double-free condition occurs during the cleanup of temporary image files, which can be exploited to achieve memory corruption and potentially arbitrary code execution.
- CVE-2025-5283MEDIUMCVSS 5.4EG 5.42025-05-27
Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2025-52885MEDIUMCVSS 6.1EG 6.12025-10-10
Poppler ia a library for rendering PDF files, and examining or modifying their structure. A use-after-free (write) vulnerability has been detected in versions Poppler prior to 25.10.0 within the StructTreeRoot class. The issue arises from …
- CVE-2025-52886MEDIUMCVSS 5.9EG 5.92025-07-02
Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.…
- CVE-2025-52910CRITICALCVSS 9.8EG 6.52025-11-04
An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400. A Use-After-Free leads to privilege escalation.
- CVE-2025-52946HIGHCVSS 7.5EG 7.52025-07-11
A Use After Free vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an attacker sending a BGP update with a specifically malformed AS PATH to cause rpd to crash, res…
- CVE-2025-53132HIGHCVSS 7.8EG 8.02025-08-12
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- CVE-2025-53133HIGHCVSS 7.8EG 7.82025-08-12
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
- CVE-2025-53137HIGHCVSS 7.0EG 7.02025-08-12
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2025-53140HIGHCVSS 7.0EG 7.02025-08-12
Use after free in Kernel Transaction Manager allows an authorized attacker to elevate privileges locally.
- CVE-2025-53142HIGHCVSS 7.0EG 7.02025-08-12
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
- CVE-2025-53147HIGHCVSS 7.0EG 7.02025-08-12
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Map vulnerabilities like CWE-416 to your infrastructure
EchelonGraph correlates every CVE — across CWE-416 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →