CWE-416
7,752 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,752)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Microsoft 7365 Apps 365 CopilotMicrosoft 365+4 moreJun 19, 2026 Jun 9, 2026 N/A· v4 8.4 HIGH· v3 N/A· v2 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |
1Microsoft 7365 Apps 365 CopilotMicrosoft 365+4 moreJun 19, 2026 Jun 9, 2026 N/A· v4 8.4 HIGH· v3 N/A· v2 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |
1Microsoft 7365 Apps Microsoft 365Office 2019+4 moreJun 19, 2026 Jun 9, 2026 N/A· v4 8.4 HIGH· v3 N/A· v2 Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. |
Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or...Show more |
1Microsoft 7365 Apps ExcelMicrosoft 365+4 moreJun 19, 2026 Jun 9, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
1Microsoft 4Windows 11 24h2 Windows 11 25h2Windows 11 26h1+1 moreJun 17, 2026 Jun 9, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
1Microsoft 3Windows Server 2019 Windows Server 2022Windows Server 2025Jun 17, 2026 Jun 9, 2026 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally. |
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
1Microsoft 10Windows 10 1809 Windows 10 21h2Windows 10 22h2+7 moreJun 17, 2026 Jun 9, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Remote Desktop Client Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Jun 9, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
1Microsoft 10Windows 10 1809 Windows 10 21h2Windows 10 22h2+7 moreJun 17, 2026 Jun 9, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. |
1Microsoft 5Windows Server 2012 Windows Server 2016Windows Server 2019+2 moreJun 17, 2026 Jun 9, 2026 N/A· v4 8.1 HIGH· v3 N/A· v2 Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network. |
1Microsoft 13Windows 10 1607 Windows 10 1809Windows 10 21h2+10 moreJun 17, 2026 Jun 9, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Remote Desktop Client Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Jun 9, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
1Microsoft 10Windows 10 1809 Windows 10 21h2Windows 10 22h2+7 moreJun 17, 2026 Jun 9, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. |
1Microsoft 10Windows 10 1809 Windows 10 21h2Windows 10 22h2+7 moreJun 17, 2026 Jun 9, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |