← Back
CWE-416

7,752 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,752)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Google
1Chrome
Jul 1, 2026
Jun 30, 2026
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium sec...Show more
Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)Show less
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in WebView in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
1Google
1Chrome
Jul 6, 2026
Jun 30, 2026
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Use after free in Device in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium se...Show more
Use after free in Device in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)Show less
1Google
1Chrome
Jul 1, 2026
Jun 30, 2026
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Use after free in Core in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severi...Show more
Use after free in Core in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)Show less
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium secur...Show more
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jul 1, 2026
Jun 30, 2026
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium secur...Show more
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jul 1, 2026
Jun 30, 2026
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Use after free in Journeys in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security se...Show more
Use after free in Journeys in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Forms in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security...Show more
Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in DOM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
8.3 HIGH· v3
N/A· v2
Use after free in Headless in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security se...Show more
Use after free in Headless in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Out of bounds read and write in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium...Show more
Out of bounds read and write in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Updater in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High)
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
8.3 HIGH· v3
N/A· v2
Use after free in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severi...Show more
Use after free in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Canvas in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Blink in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium s...Show more
Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jul 2, 2026
Jun 30, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in IME in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)