← Back
CWE-416

7,703 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,703)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Mozilla
2Firefox
Thunderbird
Jun 17, 2026
May 19, 2026
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
1Mozilla
2Firefox
Thunderbird
Jun 30, 2026
May 19, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
1Samsung
1Escargot
Jun 17, 2026
May 19, 2026
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Use after free vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.
-
-
Jun 17, 2026
May 19, 2026
N/A· v4
6.5 MEDIUM· v3
N/A· v2
in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution.
1Open5gs
1Open5gs
Jun 17, 2026
May 17, 2026
2.1 LOW· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover_handler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation results in use after fre...Show more
A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover_handler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation results in use after free. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.Show less
1Radare
1Radare2
Jun 17, 2026
May 15, 2026
8.7 HIGH· v4
9.8 CRITICAL· v3
N/A· v2
radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending...Show more
radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability by causing qsThreadInfo to fail after qfThreadInfo successfully allocates RDebugPid structures, resulting in double-free memory corruption when the error path attempts to clean up the list.Show less
1Radare
1Radare2
Jun 17, 2026
May 15, 2026
8.7 HIGH· v4
9.8 CRITICAL· v3
N/A· v2
radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory corruption by sending a valid qfThreadInfo response followed by a malformed qsThrea...Show more
radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory corruption by sending a valid qfThreadInfo response followed by a malformed qsThreadInfo response. Attackers can exploit this vulnerability through GDB remote debugging to cause a denial of service or potentially achieve code execution by manipulating thread list processing.Show less
-
-
Jun 17, 2026
May 15, 2026
6.9 MEDIUM· v4
N/A· v3
N/A· v2
Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity or crash.
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium s...Show more
Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)Show less
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
8.3 HIGH· v3
N/A· v2
Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severit...Show more
Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)Show less
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
8.3 HIGH· v3
N/A· v2
Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium sec...Show more
Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)Show less
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security seve...Show more
Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
3.1 LOW· v3
N/A· v2
Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security sever...Show more
Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security...Show more
Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Use after free in Google Lens in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML...Show more
Use after free in Google Lens in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
May 14, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)