CWE-416— Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.— MITRE CWE catalog
7,398 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-416page 134 of 148
- CVE-2026-32090HIGHCVSS 7.8EG 7.82026-04-14
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.
- CVE-2026-32091HIGHCVSS 8.4EG 8.42026-04-14
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
- CVE-2026-32152HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
- CVE-2026-32153HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
- CVE-2026-32154HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
- CVE-2026-32155HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
- CVE-2026-32156HIGHCVSS 7.4EG 7.42026-04-14
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.
- CVE-2026-32157HIGHCVSS 8.8EG 8.82026-04-14
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
- CVE-2026-32158HIGHCVSS 7.8EG 7.82026-04-14
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
- CVE-2026-32159HIGHCVSS 7.8EG 7.82026-04-14
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
- CVE-2026-32161HIGHCVSS 7.5EG 7.52026-05-12
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver allows an unauthorized attacker to execute code over an adjacent network.
- CVE-2026-32163HIGHCVSS 7.8EG 7.82026-04-14
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
- CVE-2026-32165HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
- CVE-2026-32189HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-32190HIGHCVSS 8.4EG 8.42026-04-14
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2026-32197HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-32198HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-32199HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-32200HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
- CVE-2026-32224HIGHCVSS 7.0EG 7.02026-04-14
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.
- CVE-2026-32748HIGHCVSS 7.5EG 7.52026-03-26
Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows…
- CVE-2026-33018HIGHCVSS 7.0EG 7.02026-04-14
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the load_gif() function in fromgif.c, where a single sixel_frame_t object is reused across a…
- CVE-2026-33021HIGHCVSS 7.3EG 7.32026-04-14
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixel_encoder_encode_bytes() because sixel_frame_init() stores the caller-owned pixel buffer …
- CVE-2026-33023HIGHCVSS 7.8EG 7.82026-04-14
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in load_with_gdkpixbuf() in loader.c. The clea…
- CVE-2026-33095HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2026-33098HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.
- CVE-2026-33099HIGHCVSS 7.0EG 7.02026-04-14
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2026-33100HIGHCVSS 7.0EG 7.02026-04-14
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2026-33101HIGHCVSS 7.8EG 7.82026-04-14
Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.
- CVE-2026-33104HIGHCVSS 7.0EG 7.02026-04-14
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- CVE-2026-33115HIGHCVSS 8.4EG 8.42026-04-14
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2026-33150HIGHCVSS 7.8EG 7.82026-03-20
libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a use-after-free vulnerability in the io_uring subsystem of libfuse allows a local attacker to crash FUSE filesystem processes and pot…
- CVE-2026-33259MEDIUMCVSS 5.0EG 5.02026-04-22
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider.
- CVE-2026-33278CRITICALCVSS 9.8EG 9.82026-05-20
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwri…
- CVE-2026-33526HIGHCVSS 7.5EG 7.52026-03-26
Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial o…
- CVE-2026-33835HIGHCVSS 7.8EG 7.82026-05-12
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
- CVE-2026-33840HIGHCVSS 7.8EG 7.82026-05-12
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
- CVE-2026-34192HIGHCVSS 7.7EG 7.72026-06-19
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after …
- CVE-2026-34196HIGHCVSS 7.8EG 7.82026-07-10
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an integer overflow and map two GPU virtual addresses to the same physical address. One of these virutal mappings can be freed along with th…
- CVE-2026-34330HIGHCVSS 7.8EG 7.82026-05-12
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- CVE-2026-34331HIGHCVSS 7.0EG 7.02026-05-12
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- CVE-2026-34332HIGHCVSS 8.0EG 8.02026-05-12
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network.
- CVE-2026-34333HIGHCVSS 7.8EG 7.82026-05-12
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- CVE-2026-34335HIGHCVSS 7.0EG 7.02026-06-09
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2026-34337HIGHCVSS 7.8EG 7.82026-05-12
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
- CVE-2026-34338HIGHCVSS 7.8EG 7.82026-05-12
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
- CVE-2026-34340HIGHCVSS 7.0EG 7.02026-05-12
Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
- CVE-2026-34345HIGHCVSS 7.0EG 7.02026-05-12
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2026-34347HIGHCVSS 7.0EG 7.02026-05-12
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- CVE-2026-34638HIGHCVSS 7.8EG 7.82026-05-12
Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that …
Map vulnerabilities like CWE-416 to your infrastructure
EchelonGraph correlates every CVE — across CWE-416 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →