← Back
CWE-416

7,739 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,739)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.3 HIGH· v3
N/A· v2
Use after free in Tracing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security se...Show more
Use after free in Tracing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)Show less
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium se...Show more
Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.3 HIGH· v3
N/A· v2
Use after free in Read Anything in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium secur...Show more
Use after free in Read Anything in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Dawn in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.3 HIGH· v3
N/A· v2
Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium s...Show more
Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in InterestGroups in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Payments in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.3 HIGH· v3
N/A· v2
Use after free in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security sever...Show more
Use after free in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.3 HIGH· v3
N/A· v2
Use after free in Views in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium se...Show more
Use after free in Views in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Payments in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
8.3 HIGH· v3
N/A· v2
Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. (...Show more
Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
Jun 9, 2026
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Use after free in CameraCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)