← Back
CWE-416

7,694 CVEs • Abstraction: Variant • Likelihood of Exploit: High

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

JSON object

Loading...

CVEs (7,694)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
8.3 HIGH· v3
N/A· v2
Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security se...Show more
Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High...Show more
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High)Show less
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Codecs in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
8.1 HIGH· v3
N/A· v2
Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr...Show more
Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)Show less
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium se...Show more
Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)Show less
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Use after free in Views in Google Chrome on Mac prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
1Google
1Chrome
Jun 17, 2026
Apr 28, 2026
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
1Mozilla
2Firefox
Thunderbird
Jun 30, 2026
Apr 28, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to ru...Show more
Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.0.1, and Thunderbird 140.10.1.Show less
1Linux
1Linux Kernel
Jun 17, 2026
Apr 27, 2026
N/A· v4
N/A· v3
N/A· v2
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
1Foxit
2Pdf Editor
Pdf Reader
Jun 17, 2026
Apr 27, 2026
N/A· v4
7.8 HIGH· v3
N/A· v2
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, lea...Show more
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information queries.Show less
1Foxit
2Pdf Editor
Pdf Reader
Jun 17, 2026
Apr 27, 2026
N/A· v4
5.5 MEDIUM· v3
N/A· v2
Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program.
1Foxit
2Pdf Editor
Pdf Reader
Jun 17, 2026
Apr 27, 2026
N/A· v4
5.5 MEDIUM· v3
N/A· v2
Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes.
1Foxit
2Pdf Editor
Pdf Reader
Jun 17, 2026
Apr 27, 2026
N/A· v4
5.5 MEDIUM· v3
N/A· v2
A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution.
1Mozilla
2Firefox
Thunderbird
Jun 30, 2026
Apr 26, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could...Show more
Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.Show less