VYPR

CWE-416

Use After Free

VariantStableLikelihood: High

Description

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (2,306)

page 32 of 116
  • CVE-2026-7336HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7335HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7334HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Views in Google Chrome on Mac prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-31669CriApr 24, 2026
    risk 0.57cvss 9.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash table lookups are lockless and rely on SLAB_TYPESAFE_BY_RCU to guarantee socket memory stability during RCU read-side critical sections.…

  • CVE-2026-31589CriApr 24, 2026
    risk 0.57cvss 9.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mm: call ->free_folio() directly in folio_unmap_invalidate() We can only call filemap_free_folio() if we have a reference to (or hold a lock on) the mapping. Otherwise, we've already removed the folio from…

  • CVE-2026-31533CriApr 23, 2026
    risk 0.57cvss 9.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption The -EBUSY handling in tls_do_encryption(), introduced by commit 859054147318 ("net: tls: handle backlogging of crypto requests"), has a…

  • CVE-2026-31501CriApr 22, 2026
    risk 0.57cvss 9.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path cppi5_hdesc_get_psdata() returns a pointer into the CPPI descriptor. In both emac_rx_packet() and emac_rx_packet_zc(), the descriptor is…

  • CVE-2026-31444CriApr 22, 2026
    risk 0.57cvss 9.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free and NULL deref in smb_grant_oplock() smb_grant_oplock() has two issues in the oplock publication sequence: 1) opinfo is linked into ci->m_op_list (via opinfo_add) before …

  • CVE-2026-6360HigApr 15, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-6359HigApr 15, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Video in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-6358HigApr 15, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in XR in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-6318HigApr 15, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-6317HigApr 15, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-6316HigApr 15, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-6315HigApr 15, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Permissions in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-6303HigApr 15, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-6302HigApr 15, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-6300HigApr 15, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-6299HigApr 15, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-32157HigApr 14, 2026
    risk 0.57cvss 8.8epss 0.01

    Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.