← Back
CWE-416

7,752 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,752)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Microsoft
7365 Apps
365 CopilotMicrosoft 365+4 more
Jun 19, 2026
Jun 9, 2026
N/A· v4
8.4 HIGH· v3
N/A· v2
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
1Microsoft
7365 Apps
365 CopilotMicrosoft 365+4 more
Jun 19, 2026
Jun 9, 2026
N/A· v4
8.4 HIGH· v3
N/A· v2
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
1Microsoft
7365 Apps
Microsoft 365Office 2019+4 more
Jun 19, 2026
Jun 9, 2026
N/A· v4
8.4 HIGH· v3
N/A· v2
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
1Openssl
1Openssl
Jul 8, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or...Show more
Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS#7 or S/MIME signed message, if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent use of the BIO by the calling application results in a use-after-free condition. In the common case this occurs when the application later calls BIO_free() on the BIO originally passed to PKCS7_verify(). Depending on allocator behavior and application-specific BIO usage patterns, this may result in a crash or other memory corruption. In some application contexts this may potentially be exploitable for remote code execution. Applications that process PKCS#7 or S/MIME signed messages using OpenSSL PKCS#7 APIs may be affected. Applications using the CMS APIs for this processing are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.Show less
1Microsoft
7365 Apps
ExcelMicrosoft 365+4 more
Jun 19, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
1Microsoft
1Windows 11 26h1
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
1Microsoft
1Windows 11 26h1
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
1Microsoft
4Windows 11 24h2
Windows 11 25h2Windows 11 26h1+1 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
1Microsoft
1Windows 11 26h1
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
1Microsoft
1Windows 11 26h1
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
1Microsoft
3Windows Server 2019
Windows Server 2022Windows Server 2025
Jun 17, 2026
Jun 9, 2026
N/A· v4
5.5 MEDIUM· v3
N/A· v2
Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally.
1Microsoft
1Windows 11 26h1
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
1Microsoft
15Remote Desktop Client
Windows 10 1607Windows 10 1809+12 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
1Microsoft
5Windows Server 2012
Windows Server 2016Windows Server 2019+2 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.1 HIGH· v3
N/A· v2
Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.
1Microsoft
13Windows 10 1607
Windows 10 1809Windows 10 21h2+10 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
1Microsoft
15Remote Desktop Client
Windows 10 1607Windows 10 1809+12 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.0 HIGH· v3
N/A· v2
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
1Microsoft
10Windows 10 1809
Windows 10 21h2Windows 10 22h2+7 more
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.