CWE-416— Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.— MITRE CWE catalog
7,398 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-416page 120 of 148
- CVE-2025-62170HIGHCVSS 7.5EG 7.52025-10-13
rAthena is an open-source cross-platform MMORPG server. A use-after-free vulnerability exists in the RODEX functionality of rAthena's map-server in versions prior to commit af2f3ba. An unauthenticated attacker can exploit this vulnerabilit…
- CVE-2025-62199HIGHCVSS 7.8EG 7.82025-11-11
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-62203HIGHCVSS 7.8EG 7.82025-11-11
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-62205HIGHCVSS 7.8EG 7.82025-11-11
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-62213HIGHCVSS 7.0EG 7.02025-11-11
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2025-62216HIGHCVSS 7.8EG 7.82025-11-11
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-62221HIGHCVSS 7.8EG 9.0⚠ KEV2025-12-09
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-62229HIGHCVSS 7.3EG 7.32025-10-30
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cau…
- CVE-2025-62230HIGHCVSS 7.3EG 7.32025-10-30
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free conditio…
- CVE-2025-62408MEDIUMCVSS 5.9EG 5.92025-12-08
c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using read_answer() and process_answer(), which can cause a Denial of Service. This issue is fixed in version 1.34.6.
- CVE-2025-62472HIGHCVSS 7.8EG 7.82025-12-09
Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
- CVE-2025-62490HIGHCVSS 8.8EG 8.82025-10-16
In quickjs, in js_print_object, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during js_print_val…
- CVE-2025-62491HIGHCVSS 8.8EG 8.82025-10-16
A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises (ts->rejected_promise_list). * The function js_std_promise_rejection_check attempts…
- CVE-2025-62504HIGHCVSS 7.5EG 6.52025-10-16
Envoy is an open source edge and service proxy. Envoy versions earlier than 1.36.2, 1.35.6, 1.34.10, and 1.33.12 contain a use-after-free vulnerability in the Lua filter. When a Lua script executing in the response phase rewrites a respons…
- CVE-2025-62553HIGHCVSS 7.8EG 7.82025-12-09
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-62555HIGHCVSS 7.0EG 7.02025-12-09
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-62557HIGHCVSS 7.8EG 8.42025-12-09
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-62558HIGHCVSS 7.8EG 7.82025-12-09
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-62559HIGHCVSS 7.8EG 7.82025-12-09
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-62562HIGHCVSS 7.8EG 7.82025-12-09
Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
- CVE-2025-62563HIGHCVSS 7.8EG 7.82025-12-09
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-62565HIGHCVSS 7.3EG 7.32025-12-09
Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.
- CVE-2025-62569HIGHCVSS 7.0EG 7.02025-12-09
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
- CVE-2025-62573HIGHCVSS 7.0EG 7.02025-12-09
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.
- CVE-2025-6275LOWCVSS 3.3EG 3.32025-06-19
A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of the file src/interp/binary-reader-interp.cc. The manipulation leads to use aft…
- CVE-2025-62788HIGHCVSS 7.5EG 7.52025-10-29
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, w_copy_event_for_log() references memory (initially allocated in OS_CleanMSG()) after it has been freed. A compromised agent can…
- CVE-2025-6349MEDIUMCVSS 5.1EG 5.12025-12-01
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already…
- CVE-2025-63651HIGHCVSS 7.5EG 7.52026-01-29
A use-after-free in the mk_string_char_search function (mk_core/mk_string.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
- CVE-2025-63652HIGHCVSS 7.5EG 7.52026-01-29
A use-after-free in the mk_http_request_end function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server.
- CVE-2025-64183HIGHCVSS 7.5EG 7.52025-11-10
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-…
- CVE-2025-6424CRITICALCVSS 9.8EG 9.82025-06-24
A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability was fixed in Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12.
- CVE-2025-64468HIGHCVSS 7.8EG 7.82025-12-18
There is a use-after-free vulnerability in sentry!sentry_span_set_data() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker t…
- CVE-2025-64531HIGHCVSS 7.8EG 7.82025-11-11
Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a…
- CVE-2025-65405MEDIUMCVSS 6.5EG 6.52025-12-01
A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC file.
- CVE-2025-65407MEDIUMCVSS 6.5EG 6.52025-12-01
A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG Program stream.
- CVE-2025-65503MEDIUMCVSS 5.5EG 7.52025-11-24
Use after free in endpoint destructors in Redboltz async_mqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between io_context and endpoint obje…
- CVE-2025-6555MEDIUMCVSS 5.4EG 6.52025-06-24
Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2025-65953MEDIUMCVSS 6.0EG 6.02025-11-25
NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.22.5, a Heap-Use-After-Free (UAF) vulnerability exists in the TCP transport component of NanoMQ, which relies on the underlying NanoNNG library (speci…
- CVE-2025-65955MEDIUMCVSS 6.1EG 4.92025-12-02
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked wi…
- CVE-2025-66023MEDIUMCVSS 4.9EG 4.92026-01-01
NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Versions prior to 0.24.5 have a Heap-Use-After-Free (UAF) vulnerability within the MQTT bridge client component (implemented via the underlying NanoNNG library). The vul…
- CVE-2025-66326MEDIUMCVSS 4.7EG 6.72025-12-08
Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2025-6636HIGHCVSS 7.8EG 7.82025-07-29
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in …
- CVE-2025-6640HIGHCVSS 7.8EG 7.82025-06-25
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to e…
- CVE-2025-6644HIGHCVSS 7.8EG 7.82025-06-25
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to e…
- CVE-2025-6645HIGHCVSS 7.8EG 7.82025-06-25
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to e…
- CVE-2025-6646LOWCVSS 3.3EG 3.32025-06-25
PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is requ…
- CVE-2025-66493HIGHCVSS 7.8EG 7.82025-12-19
A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 on Windows . When opening a PDF containing specially crafted JavaScript, a pointer to memory that …
- CVE-2025-66494HIGHCVSS 7.8EG 7.82025-12-19
A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allo…
- CVE-2025-66495HIGHCVSS 7.8EG 7.82025-12-19
A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already…
- CVE-2025-66585HIGHCVSS 7.8EG 7.82025-12-11
In AzeoTech DAQFactory release 20.7 (Build 2555), a use after free vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the cur…
Map vulnerabilities like CWE-416 to your infrastructure
EchelonGraph correlates every CVE — across CWE-416 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →