← Back
CWE-416

7,675 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,675)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Microsoft
3365 Apps
OfficeOffice Long Term Servicing Channel
Jun 17, 2026
Jan 13, 2026
N/A· v4
8.4 HIGH· v3
N/A· v2
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
1Microsoft
5365 Apps
ExcelOffice+2 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
1Microsoft
3Windows 11 23h2
Windows Server 2022Windows Server 2022 23h2
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
1Microsoft
8Windows 10 21h2
Windows 10 22h2Windows 11 23h2+5 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.
1Microsoft
3Windows 11 24h2
Windows 11 25h2Windows Server 2025
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
1Microsoft
3Windows 11 24h2
Windows 11 25h2Windows Server 2025
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
1Microsoft
3Windows 11 24h2
Windows 11 25h2Windows Server 2025
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Use after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network.
1Microsoft
12Windows 10 1607
Windows 10 1809Windows 10 21h2+9 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.4 HIGH· v3
N/A· v2
Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally.
1Microsoft
8Windows 10 21h2
Windows 10 22h2Windows 11 23h2+5 more
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
1Microsoft
1Windows Server 2025
Jun 17, 2026
Jan 13, 2026
N/A· v4
7.0 HIGH· v3
N/A· v2
Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.