CWE-416
AllowedUse After Free
Abstraction: Variant · Status: Stable
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
9821 vulnerabilities reference this CWE, most recent first.
GHSA-7Q3P-9HF2-3VXW
Vulnerability from github – Published: 2026-05-29 00:38 – Updated: 2026-05-29 18:31Use after free in WebView in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
{
"affected": [],
"aliases": [
"CVE-2026-9888"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-28T23:16:46Z",
"severity": "HIGH"
},
"details": "Use after free in WebView in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)",
"id": "GHSA-7q3p-9hf2-3vxw",
"modified": "2026-05-29T18:31:22Z",
"published": "2026-05-29T00:38:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9888"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/511715166"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7Q4C-9JC5-4VC9
Vulnerability from github – Published: 2022-05-14 03:43 – Updated: 2022-05-14 03:43A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
{
"affected": [],
"aliases": [
"CVE-2017-5126"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-07T23:29:00Z",
"severity": "HIGH"
},
"details": "A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"id": "GHSA-7q4c-9jc5-4vc9",
"modified": "2022-05-14T03:43:38Z",
"published": "2022-05-14T03:43:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5126"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2997"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/760455"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201710-24"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2017/dsa-4020"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101482"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7Q4C-V8R2-PC77
Vulnerability from github – Published: 2026-07-03 21:31 – Updated: 2026-07-03 21:31Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
{
"affected": [],
"aliases": [
"CVE-2026-57986"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-03T21:17:01Z",
"severity": "HIGH"
},
"details": "Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.",
"id": "GHSA-7q4c-v8r2-pc77",
"modified": "2026-07-03T21:31:39Z",
"published": "2026-07-03T21:31:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-57986"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57986"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7Q4P-93G6-4WF9
Vulnerability from github – Published: 2025-02-25 18:31 – Updated: 2026-04-06 15:31A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free.
{
"affected": [],
"aliases": [
"CVE-2025-26600"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-25T16:15:39Z",
"severity": "HIGH"
},
"details": "A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free.",
"id": "GHSA-7q4p-93g6-4wf9",
"modified": "2026-04-06T15:31:19Z",
"published": "2025-02-25T18:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26600"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250516-0005"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345252"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-26600"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:7458"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:7165"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:7163"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:3976"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:2880"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:2879"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:2875"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:2874"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:2873"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:2866"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:2865"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:2862"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:2861"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:2502"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:2500"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7Q63-MGR2-2P5J
Vulnerability from github – Published: 2022-05-24 19:14 – Updated: 2022-05-24 19:14Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
{
"affected": [],
"aliases": [
"CVE-2021-1947"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-17T07:15:00Z",
"severity": "HIGH"
},
"details": "Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
"id": "GHSA-7q63-mgr2-2p5j",
"modified": "2022-05-24T19:14:58Z",
"published": "2022-05-24T19:14:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1947"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2021-bulletin"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-7Q6Q-PPP8-9GR5
Vulnerability from github – Published: 2025-01-15 15:31 – Updated: 2025-01-21 18:31In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Skip restore TC rules for vport rep without loaded flag
During driver unload, unregister_netdev is called after unloading vport rep. So, the mlx5e_rep_priv is already freed while trying to get rpriv->netdev, or walk rpriv->tc_ht, which results in use-after-free. So add the checking to make sure access the data of vport rep which is still loaded.
{
"affected": [],
"aliases": [
"CVE-2024-57801"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-15T13:15:11Z",
"severity": "HIGH"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Skip restore TC rules for vport rep without loaded flag\n\nDuring driver unload, unregister_netdev is called after unloading\nvport rep. So, the mlx5e_rep_priv is already freed while trying to get\nrpriv-\u003enetdev, or walk rpriv-\u003etc_ht, which results in use-after-free.\nSo add the checking to make sure access the data of vport rep which is\nstill loaded.",
"id": "GHSA-7q6q-ppp8-9gr5",
"modified": "2025-01-21T18:31:05Z",
"published": "2025-01-15T15:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57801"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3e45dd1622a2c1a83c11bf42fdd8c1810123d6c0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/47c78d3fc26e38ab805613a0f592dc8a820c7c64"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5a03b368562a7ff5f5f1f63b5adf8309cbdbd5be"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7Q72-8F9R-V4MW
Vulnerability from github – Published: 2025-10-01 21:31 – Updated: 2025-10-27 06:30A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service (DoS) via supplying a crafted PDF file.
{
"affected": [],
"aliases": [
"CVE-2025-46205"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-01T19:15:35Z",
"severity": "HIGH"
},
"details": "A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service (DoS) via supplying a crafted PDF file.",
"id": "GHSA-7q72-8f9r-v4mw",
"modified": "2025-10-27T06:30:26Z",
"published": "2025-10-01T21:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46205"
},
{
"type": "WEB",
"url": "https://github.com/ShadowByte1/CVE-Reports/issues/1"
},
{
"type": "WEB",
"url": "https://github.com/ShadowByte1/CVE-Reports/blob/main/CVE-2025-46205.md"
},
{
"type": "WEB",
"url": "https://github.com/podofo/podofo"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7Q7H-GMQW-H5W5
Vulnerability from github – Published: 2022-04-25 00:00 – Updated: 2022-05-05 00:00heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is capable of inducing denial of service.
{
"affected": [],
"aliases": [
"CVE-2022-1444"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-23T22:15:00Z",
"severity": "MODERATE"
},
"details": "heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is capable of inducing denial of service.",
"id": "GHSA-7q7h-gmqw-h5w5",
"modified": "2022-05-05T00:00:41Z",
"published": "2022-04-25T00:00:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1444"
},
{
"type": "WEB",
"url": "https://github.com/radareorg/radare2/commit/14189710859c27981adb4c2c2aed2863c1859ec5"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/b438a940-f8a4-4872-b030-59bdd1ab72aa"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7Q7M-RC75-VRR5
Vulnerability from github – Published: 2026-03-11 00:31 – Updated: 2026-03-11 00:31Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2026-27278"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-10T22:16:18Z",
"severity": "HIGH"
},
"details": "Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-7q7m-rc75-vrr5",
"modified": "2026-03-11T00:31:32Z",
"published": "2026-03-11T00:31:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27278"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb26-26.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7QCX-JCP4-QG47
Vulnerability from github – Published: 2022-05-13 01:27 – Updated: 2022-05-13 01:27Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading.
{
"affected": [],
"aliases": [
"CVE-2011-3021"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-02-16T20:55:00Z",
"severity": "HIGH"
},
"details": "Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading.",
"id": "GHSA-7qcx-jcp4-qg47",
"modified": "2022-05-13T01:27:15Z",
"published": "2022-05-13T01:27:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3021"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15020"
},
{
"type": "WEB",
"url": "http://code.google.com/p/chromium/issues/detail?id=111779"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48016"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5400"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5485"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5503"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation
Strategy: Language Selection
Choose a language that provides automatic memory management.
Mitigation
Strategy: Attack Surface Reduction
When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.