← Back
CWE-416

7,675 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,675)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Google
1Android
Jun 17, 2026
Dec 2, 2025
N/A· v4
6.7 MEDIUM· v3
N/A· v2
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for...Show more
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.Show less
1Google
1Android
Jun 17, 2026
Dec 2, 2025
N/A· v4
6.7 MEDIUM· v3
N/A· v2
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for...Show more
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4803.Show less
1Live555
1Streaming Media
Jun 17, 2026
Dec 1, 2025
N/A· v4
6.5 MEDIUM· v3
N/A· v2
A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG Program stream.
1Live555
1Streaming Media
Jun 17, 2026
Dec 1, 2025
N/A· v4
6.5 MEDIUM· v3
N/A· v2
A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC file.
1Imaginationtech
1Ddk
Jun 17, 2026
Dec 1, 2025
N/A· v4
5.9 MEDIUM· v3
N/A· v2
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness en...Show more
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in which the reference counts can become unbalanced. This can lead to the premature destruction of a resource while in use.Show less
1Arm
25th Gen Gpu Architecture Kernel Driver
Valhall Gpu Kernel Driver
Jun 17, 2026
Dec 1, 2025
N/A· v4
4.0 MEDIUM· v3
N/A· v2
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to gain acces...Show more
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 through r54p1; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 through r54p1.Show less
1Arm
25th Gen Gpu Architecture Kernel Driver
Valhall Gpu Kernel Driver
Jun 17, 2026
Dec 1, 2025
N/A· v4
5.1 MEDIUM· v3
N/A· v2
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gai...Show more
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 through r54p1; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 through r54p1.Show less
1Huawei
2Emui
Harmonyos
Jun 17, 2026
Nov 28, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
UAF vulnerability in the USB driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
1Huawei
1Harmonyos
Jun 17, 2026
Nov 28, 2025
N/A· v4
5.5 MEDIUM· v3
N/A· v2
UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.
1Huawei
1Harmonyos
Jun 17, 2026
Nov 28, 2025
N/A· v4
5.5 MEDIUM· v3
N/A· v2
UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.
-
-
Jun 17, 2026
Nov 25, 2025
6.0 MEDIUM· v4
N/A· v3
N/A· v2
NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.22.5, a Heap-Use-After-Free (UAF) vulnerability exists in the TCP transport component of NanoMQ, which relies on the underlying Nan...Show more
NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.22.5, a Heap-Use-After-Free (UAF) vulnerability exists in the TCP transport component of NanoMQ, which relies on the underlying NanoNNG library (specifically in src/sp/transport/mqtt/broker_tcp.c). The vulnerability is due to improper resource management and premature cleanup of message and pipe structures under specific malformed MQTTV5 retain message traffic conditions. This issue has been patched in version 0.22.5.Show less
1Redboltz
1Async Mqtt
Jun 17, 2026
Nov 24, 2025
N/A· v4
5.5 MEDIUM· v3
N/A· v2
Use after free in endpoint destructors in Redboltz async_mqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between io_contex...Show more
Use after free in endpoint destructors in Redboltz async_mqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between io_context and endpoint objects.Show less
1Gnu
1Grub2
Jun 30, 2026
Nov 18, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can e...Show more
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the application to access a memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to crash, leading to a Denial of Service. Possible data integrity or confidentiality compromise is not discarded.Show less
1Google
1Android
Jun 17, 2026
Nov 18, 2025
N/A· v4
8.0 HIGH· v3
N/A· v2
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interact...Show more
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
1Google
1Chrome
Jun 17, 2026
Nov 14, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
Use after free in Internals in Google Chrome on iOS prior to 127.0.6533.88 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a series of curated U...Show more
Use after free in Internals in Google Chrome on iOS prior to 127.0.6533.88 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a series of curated UI gestures. (Chromium security severity: Medium)Show less
1Mruby
1Mruby
Jun 17, 2026
Nov 13, 2025
1.9 LOW· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sort_cmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploi...Show more
A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sort_cmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is eb398971bfb43c38db3e04528b68ac9a7ce509bc. It is advisable to implement a patch to correct this issue.Show less
-
-
Nov 14, 2025
Nov 12, 2025
6.9 MEDIUM· v4
N/A· v3
N/A· v2
AUTOMGEN versions up to and including 8.0.0.7 (also referenced as 8.022) contain a vulnerability in that project file handling frees an object and subsequently dereferences the stale pointer when processing certain malfo...Show more
AUTOMGEN versions up to and including 8.0.0.7 (also referenced as 8.022) contain a vulnerability in that project file handling frees an object and subsequently dereferences the stale pointer when processing certain malformed fields. The dangling-pointer use enables an attacker to influence an indirect call through attacker-controlled memory, resulting in denial-of-service. In some conditions, remote code execution may be possible.Show less
1Autodesk
13ds Max
Jun 17, 2026
Nov 12, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted DWG file, when parsed through Autodesk 3ds Max, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrar...Show more
A maliciously crafted DWG file, when parsed through Autodesk 3ds Max, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.Show less
1Linux
1Linux Kernel
Jun 17, 2026
Nov 12, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_d...Show more
In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev() user is bond_sk_get_lower_dev(), which uses RCU.Show less
1Adobe
1Substance 3d Stager
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in...Show more
Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less