CWE-415

Double Free

MITRE

No catalog description on file. The MITRE CWE site has the canonical reference.

CVEs (total)

Critical

High

Medium

Low

Severity distribution

Recent CVEs

showing 18 of 18

CVE-2026-12043High· 8.818 h ago
Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor operating a server to cause memory corruption on a connecting client application, potentially leading to ar
CVE-2026-46690Medium· 5.8EPSS 0%21 h ago
unbounded-spsc: Sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race
crates.io
CVE-2018-4990High· 8.8KEVEPSS 52%21 h ago
Adobe Acrobat and Reader Double Free Vulnerability
CVE-2021-22600Medium· 6.6KEVEPSS 0%21 h ago
Linux Kernel Privilege Escalation Vulnerability
CVE-2020-9859High· 7.8KEVEPSS 0%21 h ago
Apple Multiple Products Code Execution Vulnerability
CVE-2026-46189High· 7.8EPSS 0%2 d ago
In the Linux kernel, the following vulnerability has been resolved: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path Sashiko points out that pvrdma_uar_free() is already called within pvrdma_dealloc_ucontext(), so ca
CVE-2026-46183High· 7.8EPSS 0%2 d ago
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect path kfree() with damon_sysfs_lock damon_sysfs_quot_goal->path can be read and written by users, via DAMON sysfs 'path' file. It can also
CVE-2026-35188Medium· 5.0EPSS 0%2 d ago
Issue summary: A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the status_request extension, triggering a double-free in the client's certificate verification path. Impact summary: Successful explo
CVE-2026-46164High· 7.0EPSS 0%2 d ago
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free in create_space_info_sub_group() error path When kobject_init_and_add() fails, the call chain is: create_space_info_sub_group() -> btrfs_sysfs_add
CVE-2026-46162High· 7.8EPSS 0%2 d ago
In the Linux kernel, the following vulnerability has been resolved: ice: fix double free in ice_sf_eth_activate() error path When auxiliary_device_add() fails, ice_sf_eth_activate() jumps to aux_dev_uninit and calls auxiliary_device_unini
CVE-2023-41325High· 7.4EPSS 0%7 d ago
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.20 and prior to version 3.22, `shdr_verify_signature` ca
CVE-2021-44732Critical· 9.8EPSS 1%7 d ago
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure.
CVE-2016-8619High· 5.3EPSS 3%25 d ago
curl/libcurl: double free in krb5 code
curl
CVE-2019-5481Medium· 9.8EPSS 3%25 d ago
curl/libcurl: FTP-KRB double free
curl
CVE-2023-27537LowEPSS 0%2026-04-25
curl/libcurl: HSTS double free
curl
CVE-2022-42915MediumEPSS 0%2026-04-25
curl/libcurl: HTTP proxy double free
curl
CVE-2021-22945Critical· 9.1EPSS 0%2025-06-09
curl/libcurl: UAF and double free in MQTT sending
curl
CVE-2016-8618Medium· 5.3EPSS 2%2024-11-21
curl/libcurl: double free in curl_maprintf
curl

CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.