← Back
CWE-416

7,752 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,752)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Microsoft
12Windows 10 1607
Windows 10 1809Windows 10 21h2+9 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
1Microsoft
4Windows Server 2016
Windows Server 2019Windows Server 2022+1 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
1Microsoft
13Windows 10 1607
Windows 10 1809Windows 10 21h2+10 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
1Microsoft
4365 Apps
OfficeOffice 2021+1 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.
1Microsoft
6Windows 11 23h2
Windows 11 24h2Windows 11 25h2+3 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network.
1Microsoft
13Windows 10 1607
Windows 10 1809Windows 10 21h2+10 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
1Microsoft
8Windows 10 21h2
Windows 10 22h2Windows 11 23h2+5 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
1Microsoft
13Windows 10 1607
Windows 10 1809Windows 10 21h2+10 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.1 HIGH· v3
N/A· v2
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.
1Microsoft
12Windows 10 1607
Windows 10 1809Windows 10 21h2+9 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
1Microsoft
13Windows 10 1607
Windows 10 1809Windows 10 21h2+10 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
1Microsoft
13Windows 10 1607
Windows 10 1809Windows 10 21h2+10 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
1Microsoft
13Windows 10 1607
Windows 10 1809Windows 10 21h2+10 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.1 HIGH· v3
N/A· v2
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.
1Microsoft
13Windows 10 1607
Windows 10 1809Windows 10 21h2+10 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows SDK allows an authorized attacker to elevate privileges locally.
1Microsoft
13Windows 10 1607
Windows 10 1809Windows 10 21h2+10 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Integer overflow or wraparound in Windows Internet (wininet.dll) allows an authorized attacker to elevate privileges locally.
1Microsoft
4365 Apps
Microsoft 365Office 2021+1 more
Jun 19, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
1Microsoft
1Azure Network Adapter
Jun 23, 2026
Jun 9, 2026
N/A· v4
8.2 HIGH· v3
N/A· v2
Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally.
1Microsoft
7365 Apps
365 CopilotMicrosoft 365+4 more
Jun 19, 2026
Jun 9, 2026
N/A· v4
8.4 HIGH· v3
N/A· v2
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.