CWE-826— Premature Release of Resource During Expected Lifetime
The product releases a resource that is still intended to be used by itself or another actor.— MITRE CWE catalog
10 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-826page 1 of 1
- CVE-2023-1297MEDIUMCVSS 4.9EG 4.92023-06-02
Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resol…
- CVE-2024-51727MEDIUMCVSS 6.5EG 6.52024-12-06
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a feature that could enable attackers to invalidate a legitimate user's session and cause a denial-of-service attack on a user's account.
- CVE-2024-58249LOWCVSS 3.7EG 3.72025-04-16
In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps when connections are refused in wxWebRequestCURL.
- CVE-2025-24912LOWCVSS 3.7EG 3.72025-03-12
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and forc…
- CVE-2025-31115HIGHCVSS 8.7EG 8.72025-04-03
XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects includ…
- CVE-2026-31663HIGHCVSS 7.8EG 7.82026-04-24
In the Linux kernel, the following vulnerability has been resolved: xfrm: hold dev ref until after transport_finish NF_HOOK After async crypto completes, xfrm_input_resume() calls dev_put() immediately on re-entry before the skb reaches …
- CVE-2026-32748HIGHCVSS 7.5EG 7.52026-03-26
Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows…
- CVE-2026-33526HIGHCVSS 7.5EG 7.52026-03-26
Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial o…
- CVE-2026-45984HIGHCVSS 7.8EG 7.82026-05-27
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head (dibh) is being released prematurely in gfs2_iomap_begin() via release_metapath() wh…
- CVE-2026-53322HIGHCVSS 8.8EG 8.82026-06-26
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function On device shutdown, make vfio_pci_core_close_device() call vfio_pci_dma_buf_cleanup() before the function is disable…
Map vulnerabilities like CWE-826 to your infrastructure
EchelonGraph correlates every CVE — across CWE-826 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →