← Back
CWE-416

7,675 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,675)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Adobe
1Substance 3d Stager
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in...Show more
Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Adobe
1Format Plugins
Jun 17, 2026
Nov 11, 2025
N/A· v4
5.5 MEDIUM· v3
N/A· v2
Format Plugins versions 1.1.1 and earlier are affected by a Use After Free vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation o...Show more
Format Plugins versions 1.1.1 and earlier are affected by a Use After Free vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Microsoft
2365 Apps
Office Long Term Servicing Channel
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
1Microsoft
14Windows 10 1607
Windows 10 1809Windows 10 21h2+11 more
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
1Microsoft
2365 Apps
Office Long Term Servicing Channel
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
1Microsoft
5365 Apps
ExcelOffice+2 more
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
1Microsoft
5365 Apps
365 CopilotExcel+2 more
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Nov 11, 2025
N/A· v4
6.3 MEDIUM· v3
N/A· v2
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to deny service over a network.
1Microsoft
9Windows 10 1809
Windows 10 21h2Windows 10 22h2+6 more
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally.
1Microsoft
9Windows 10 1809
Windows 10 21h2Windows 10 22h2+6 more
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally.
1Adobe
1Incopy
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interacti...Show more
InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Adobe
1Incopy
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interacti...Show more
InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Adobe
1Indesign
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...Show more
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Adobe
1Indesign
Jun 17, 2026
Nov 11, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...Show more
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
1Mozilla
1Firefox
Jun 17, 2026
Nov 11, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
Use-after-free in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5.
1Mozilla
1Firefox
Jun 17, 2026
Nov 11, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
Use-after-free in the Audio/Video component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird 145, and Thunderbird 140.5.
1Openexr
1Openexr
Jun 17, 2026
Nov 10, 2025
5.5 MEDIUM· v4
7.5 HIGH· v3
N/A· v2
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4...Show more
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObject_StealAttrString of pyOpenEXR_old.cpp. The legacy adapter defines PyObject_StealAttrString that calls PyObject_GetAttrString to obtain a new reference, immediately decrefs it, and returns the pointer. Callers then pass this dangling pointer to APIs like PyLong_AsLong/PyFloat_AsDouble, resulting in a use-after-free. This is invoked in multiple places (e.g., reading PixelType.v, Box2i, V2f, etc.) Versions 3.2.5, 3.3.6, and 3.4.3 fix the issue.Show less
1Google
1Chrome
Jun 17, 2026
Nov 10, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Ozone in Google Chrome on Linux and ChromeOS prior to 142.0.7444.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: Medium)