CWE-416— Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.— MITRE CWE catalog
7,398 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-416page 137 of 148
- CVE-2026-43699MEDIUMCVSS 6.5EG 6.52026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process cras…
- CVE-2026-43704MEDIUMCVSS 5.3EG 5.32026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious web extension may be able to cause an unexpected process crash.
- CVE-2026-43709MEDIUMCVSS 6.5EG 6.52026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process cras…
- CVE-2026-43715HIGHCVSS 8.8EG 8.82026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.
- CVE-2026-43716MEDIUMCVSS 6.5EG 6.52026-06-29
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
- CVE-2026-43717MEDIUMCVSS 6.5EG 6.52026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
- CVE-2026-43720MEDIUMCVSS 6.5EG 6.52026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
- CVE-2026-43726MEDIUMCVSS 6.5EG 6.52026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process cras…
- CVE-2026-43727MEDIUMCVSS 6.5EG 6.52026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
- CVE-2026-43731HIGHCVSS 8.8EG 8.82026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.
- CVE-2026-43734MEDIUMCVSS 6.5EG 6.52026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process cras…
- CVE-2026-43740MEDIUMCVSS 6.5EG 6.52026-06-29
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may result in the disclosure of process memory.
- CVE-2026-43742MEDIUMCVSS 6.5EG 6.52026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process cras…
- CVE-2026-43746MEDIUMCVSS 6.5EG 6.52026-06-29
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
- CVE-2026-4390MEDIUMCVSS 5.4EG 5.42026-05-27
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function process_resend_queue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. …
- CVE-2026-44422HIGHCVSS 8.8EG 8.82026-05-29
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR ty…
- CVE-2026-44800HIGHCVSS 7.8EG 7.82026-07-14
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
- CVE-2026-44801HIGHCVSS 7.5EG 7.52026-06-09
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
- CVE-2026-44802HIGHCVSS 7.8EG 7.82026-06-09
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2026-44804HIGHCVSS 7.8EG 7.82026-06-09
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2026-44805MEDIUMCVSS 5.5EG 5.52026-06-09
Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally.
- CVE-2026-44807HIGHCVSS 7.8EG 7.82026-06-09
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2026-44808HIGHCVSS 7.8EG 7.82026-06-09
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2026-44809HIGHCVSS 7.8EG 7.82026-06-09
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- CVE-2026-44811HIGHCVSS 7.8EG 7.82026-06-09
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2026-44813HIGHCVSS 7.8EG 7.82026-06-09
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2026-44823HIGHCVSS 7.8EG 7.82026-06-09
Numeric truncation error in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-45185CRITICALCVSS 9.8EG 9.82026-05-12
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cl…
- CVE-2026-45251HIGHCVSS 7.8EG 7.82026-05-21
A file descriptor can be closed while a thread is blocked in a poll(2) or select(2) call waiting for that descriptor. Because the blocked thread does not hold a reference to the underlying object, this closure may result in the object bei…
- CVE-2026-45447HIGHCVSS 8.8EG 9.82026-06-09
Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote…
- CVE-2026-45458HIGHCVSS 8.4EG 8.42026-06-09
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2026-45461HIGHCVSS 8.4EG 8.42026-06-09
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2026-45472HIGHCVSS 8.4EG 8.42026-06-09
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2026-45474HIGHCVSS 8.4EG 8.42026-06-09
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2026-45476HIGHCVSS 8.2EG 8.22026-06-09
Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally.
- CVE-2026-45486HIGHCVSS 7.8EG 7.82026-06-09
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2026-45592HIGHCVSS 7.8EG 7.82026-06-09
Integer overflow or wraparound in Windows Internet (wininet.dll) allows an authorized attacker to elevate privileges locally.
- CVE-2026-45593HIGHCVSS 7.8EG 7.82026-06-09
Use after free in Windows SDK allows an authorized attacker to elevate privileges locally.
- CVE-2026-45596HIGHCVSS 7.0EG 7.02026-06-09
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2026-45599HIGHCVSS 8.1EG 8.12026-06-09
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.
- CVE-2026-45601HIGHCVSS 7.0EG 7.02026-06-09
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2026-45603HIGHCVSS 7.0EG 7.02026-06-09
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- CVE-2026-45605HIGHCVSS 7.8EG 7.82026-06-09
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
- CVE-2026-45635HIGHCVSS 8.1EG 8.12026-06-09
Access of resource using incompatible type ('type confusion') in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.
- CVE-2026-45637HIGHCVSS 7.8EG 7.82026-06-09
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2026-45640HIGHCVSS 7.0EG 7.02026-06-09
Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally.
- CVE-2026-45653HIGHCVSS 7.0EG 7.02026-06-09
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
- CVE-2026-45657CRITICALCVSS 9.8EG 9.82026-06-09
Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network.
- CVE-2026-45782HIGHCVSS 8.9EG 8.92026-06-10
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. From version 21.0 to before version 51.2, a guest can cause a use-after-free in the cloud-hypervisor process by submitting two virtio-block descriptor chains that reuse the…
- CVE-2026-45837HIGHCVSS 7.8EG 7.82026-05-27
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arena_vm_close on fork arena_vm_open() only bumps vml->mmap_count but never registers the child VMA in arena->vma_list. The vml->vma always po…
Map vulnerabilities like CWE-416 to your infrastructure
EchelonGraph correlates every CVE — across CWE-416 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →