CWE-416
7,688 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,688)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. |
1Microsoft 7Windows 11 23h2 Windows 11 24h2Windows 11 25h2+4 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally. |
1Microsoft 4Windows 11 24h2 Windows 11 25h2Windows 11 26h1+1 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.4 HIGH· v3 N/A· v2 Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. |
1Microsoft 13Windows 10 1607 Windows 10 1809Windows 10 21h2+10 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally. |
1Microsoft 11Windows 10 1809 Windows 10 21h2Windows 10 22h2+8 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. |
1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 moreJun 19, 2026 Mar 10, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. |
1Microsoft 15365 Copilot OfficeWindows 10 1607+12 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. |
1Microsoft 13Windows 10 1607 Windows 10 1809Windows 10 21h2+10 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to elevate privileges locally. |
1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 moreJun 17, 2026 Mar 10, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in RPC Runtime allows an authorized attacker to execute code over a network. |
1Microsoft 7Windows 10 1809 Windows 10 21h2Windows 10 22h2+4 moreJun 17, 2026 Mar 10, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image...Show more |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker...Show more |
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's event subscription framework (evsub.c) that is triggered during...Show more |
Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 ("af_unix: Don’t call skb_get() for OOB skb"). When orphaned MSG_OOB sockets hit unix_gc(), the garbage collecto...Show more |
NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massi...Show more |
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fs_write_end_io() As syzbot reported an use-after-free issue in f2fs_write_end_io(). It is caused by below race condition...Show more |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addchain() publishes the chain to table->chains via list_add_tail_rcu() (in...Show more |
In smmu_detach_dev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not need...Show more |
1Qualcomm 165Ar8031 Firmware Ar8035 FirmwareCsra6620 Firmware+162 moreJun 17, 2026 Mar 2, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs. |
1Qualcomm 25Lemans Au Lgit Firmware Lemansau FirmwareQam8255p Firmware+22 moreJun 17, 2026 Mar 2, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs. |