CWE-416
7,691 CVEs • Abstraction: Variant • Likelihood of Exploit: High
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVEs (7,691)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Microsoft 3365 Apps OfficeOffice Long Term Servicing ChannelJun 17, 2026 Apr 14, 2026 N/A· v4 8.4 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
1Microsoft 5365 Apps ExcelOffice+2 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
1Microsoft 11Windows 10 1809 Windows 10 21h2Windows 10 22h2+8 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally. |
1Microsoft 11Windows 10 1809 Windows 10 21h2Windows 10 22h2+8 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally. |
1Microsoft 11Windows 10 1809 Windows 10 21h2Windows 10 22h2+8 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. |
1Microsoft 11Windows 10 1809 Windows 10 21h2Windows 10 22h2+8 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. |
1Microsoft 15Remote Desktop Client Windows 10 1607Windows 10 1809+12 moreJun 17, 2026 Apr 14, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.4 HIGH· v3 N/A· v2 Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally. |
1Microsoft 8Windows 10 21h2 Windows 10 22h2Windows 11 23h2+5 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally. |
1Microsoft 7Windows 11 23h2 Windows 11 24h2Windows 11 25h2+4 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally. |
1Microsoft 7Windows 10 1809 Windows 10 21h2Windows 10 22h2+4 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. |
1Microsoft 7Windows 11 23h2 Windows 11 24h2Windows 11 25h2+4 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally. |
1Microsoft 13Windows 10 1607 Windows 10 1809Windows 10 21h2+10 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. |
1Microsoft 13Windows 10 1607 Windows 10 1809Windows 10 21h2+10 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally. |
1Microsoft 13Windows 10 1607 Windows 10 1809Windows 10 21h2+10 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally. |
1Microsoft 5Windows Server 2016 Windows Server 2019Windows Server 2022+2 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows WalletService allows an authorized attacker to elevate privileges locally. |
1Microsoft 11Windows 10 1809 Windows 10 21h2Windows 10 22h2+8 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally. |
1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. |
1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 moreJun 17, 2026 Apr 14, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |