CWE-416

Use After Free

MITRE

No catalog description on file. The MITRE CWE site has the canonical reference.

CVEs (total)

356

Critical

High

292

Medium

Low

Severity distribution

Recent CVEs

showing 50 of 356

CVE-2026-12014High· 8.3EPSS 0%7 h ago
Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. (Chromium security severity: High)
CVE-2026-12015Medium· 5.3EPSS 0%7 h ago
Use after free in Autofill in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securi
CVE-2026-12020High· 8.8EPSS 0%7 h ago
Use after free in Autofill in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-41158—9 h ago
Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used
CVE-2026-47921High· 7.8EPSS 0%12 h ago
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interac
CVE-2026-47920High· 7.8EPSS 0%12 h ago
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interac
CVE-2026-47955High· 7.8EPSS 0%12 h ago
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interac
CVE-2026-47916High· 7.8EPSS 0%12 h ago
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interac
CVE-2026-12023High· 8.3EPSS 0%13 h ago
Use after free in GPU in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12028High· 8.3EPSS 0%13 h ago
Use after free in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12029High· 8.3EPSS 0%13 h ago
Use after free in Video in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Hig
CVE-2026-12035High· 8.8EPSS 0%14 h ago
Use after free in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-47653High· 8.8EPSS 0%14 h ago
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-47654High· 7.5EPSS 0%14 h ago
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-44801High· 7.5EPSS 0%14 h ago
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-12012High· 8.1EPSS 0%14 h ago
Use after free in Network in Google Chrome prior to 149.0.7827.115 allowed an attacker in a privileged network position to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)
CVE-2026-12013High· 8.8EPSS 0%14 h ago
Use after free in Media in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12008High· 8.3EPSS 0%14 h ago
Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: C
CVE-2026-12007High· 8.8EPSS 0%14 h ago
Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-44804High· 7.8EPSS 0%15 h ago
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44807High· 7.8EPSS 0%15 h ago
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44808High· 7.8EPSS 0%15 h ago
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44811High· 7.8EPSS 0%15 h ago
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44813High· 7.8EPSS 0%15 h ago
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2025-27038High· 7.5KEVEPSS 1%15 h ago
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
CVE-2025-43529High· 8.8KEVEPSS 0%15 h ago
Apple Multiple Products Use-After-Free WebKit Vulnerability
CVE-2025-30400High· 7.8KEVEPSS 1%15 h ago
Microsoft Windows DWM Core Library Use-After-Free Vulnerability
CVE-2025-24983High· 7.0KEVEPSS 2%15 h ago
Microsoft Windows Win32k Use-After-Free Vulnerability
CVE-2024-36971High· 7.8KEVEPSS 0%15 h ago
Android Kernel Remote Code Execution Vulnerability
CVE-2020-0674High· 7.5KEVEXPLOITEPSS 94%15 h ago
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability
CVE-2023-33063High· 7.8KEVEPSS 0%15 h ago
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
CVE-2025-29824High· 7.8KEVEPSS 1%15 h ago
Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
CVE-2025-21335High· 7.8KEVEPSS 8%15 h ago
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
CVE-2023-32373High· 8.8KEVEPSS 0%15 h ago
Apple Multiple Products WebKit Use-After-Free Vulnerability
CVE-2023-28205High· 8.8KEVEPSS 0%15 h ago
Apple Multiple Products WebKit Use-After-Free Vulnerability
CVE-2024-4610High· 7.8KEVEPSS 1%15 h ago
Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
CVE-2023-0266High· 7.9KEVEPSS 0%15 h ago
Linux Kernel Use-After-Free Vulnerability
CVE-2021-25370Medium· 6.1KEVEPSS 0%15 h ago
Samsung Mobile Devices Memory Corruption Vulnerability
CVE-2019-8526High· 7.8KEVEPSS 0%15 h ago
Apple macOS Use-After-Free Vulnerability
CVE-2019-8605High· 7.8KEVEXPLOITEPSS 14%15 h ago
Apple Multiple Products Use-After-Free Vulnerability
CVE-2021-0920Medium· 6.4KEVEPSS 1%15 h ago
Android Kernel Race Condition Vulnerability
CVE-2015-5123Critical· 9.8KEVEPSS 41%15 h ago
Adobe Flash Player Use-After-Free Vulnerability
CVE-2016-7855High· 8.8KEVEPSS 59%15 h ago
Adobe Flash Player Use-After-Free Vulnerability
CVE-2023-4211Medium· 5.5KEVEPSS 0%15 h ago
Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
CVE-2022-22620High· 8.8KEVEPSS 4%15 h ago
Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability
CVE-2017-0263High· 7.8KEVEXPLOITEPSS 21%15 h ago
Microsoft Win32k Privilege Escalation Vulnerability
CVE-2021-4102High· 8.8KEVEPSS 5%15 h ago
Google Chromium V8 Use-After-Free Vulnerability
CVE-2019-0211High· 7.8KEVEXPLOITEPSS 90%15 h ago
Apache HTTP Server Privilege Escalation Vulnerability
CVE-2020-16017Critical· 9.6KEVEPSS 21%15 h ago
Google Chrome Use-After-Free Vulnerability
CVE-2021-34486High· 7.8KEVEPSS 36%15 h ago
Microsoft Windows Event Tracing Privilege Escalation Vulnerability

CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.