CWE-416

Use After Free

VariantStableLikelihood: High

Description

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Hierarchy (View 1000)

Parents

CWE-825

Children

none

CVEs mapped to this weakness (1,889)

page 40 of 95

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2026-40382	—	Hig	0.51	7.8	May 12, 2026	Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-40359	Microsoft Office Excel	Hig	0.51	7.8	May 12, 2026	Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-35418	—	Hig	0.51	7.8	May 12, 2026	Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-34638	Adobe Inc. Premiere	Hig	0.51	7.8	May 12, 2026	Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34338	—	Hig	0.51	7.8	May 12, 2026	Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-34337	Microsoft Office	Hig	0.51	7.8	May 12, 2026	Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-34333	—	Hig	0.51	7.8	May 12, 2026	Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2026-34330	Microsoft Win32K	Hig	0.51	7.8	May 12, 2026	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2026-33840	Microsoft Win32K	Hig	0.51	7.8	May 12, 2026	Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2026-33835	Microsoft Office	Hig	0.51	7.8	May 12, 2026	Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-7925	Google Chrome	Hig	0.51	7.8	May 6, 2026	Use after free in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)
CVE-2026-24082	Qualcomm Fastconnect 6900 Firmware	Hig	0.51	7.8	May 4, 2026	Memory Corruption when copying data from a freed source while executing performance counter deselect operation.
CVE-2026-5943	Foxitsoftware PDF Reader	Hig	0.51	7.8	Apr 27, 2026	Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during…
CVE-2026-5940	Foxitsoftware PDF Reader	Hig	0.51	7.8	Apr 27, 2026	Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes.
CVE-2026-33023	Saitoha Libsixel	Hig	0.51	7.8	Apr 14, 2026	libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in load_with_gdkpixbuf() in loader.c. The cleanup path manually frees the…
CVE-2026-27292	Adobe Inc. Framemaker	Hig	0.51	7.8	Apr 14, 2026	Adobe Framemaker versions 2022.8 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-33101	Microsoft Windows Print Spooler Components	Hig	0.51	7.8	Apr 14, 2026	Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.
CVE-2026-33098	Microsoft Windows Server 2003	Hig	0.51	7.8	Apr 14, 2026	Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-33095	Microsoft Office Word	Hig	0.51	7.8	Apr 14, 2026	Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-32200	Microsoft Office	Hig	0.51	7.8	Apr 14, 2026	Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2026-40382HigMay 12, 2026
risk 0.51cvss 7.8epss 0.00
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-40359HigMay 12, 2026
Microsoft
Office Excel
risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-35418HigMay 12, 2026
risk 0.51cvss 7.8epss 0.00
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-34638HigMay 12, 2026
Adobe Inc.
Premiere
risk 0.51cvss 7.8epss 0.00
Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34338HigMay 12, 2026
risk 0.51cvss 7.8epss 0.00
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-34337HigMay 12, 2026
Microsoft
Office
risk 0.51cvss 7.8epss 0.00
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-34333HigMay 12, 2026
risk 0.51cvss 7.8epss 0.00
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2026-34330HigMay 12, 2026
Microsoft
Win32K
risk 0.51cvss 7.8epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2026-33840HigMay 12, 2026
Microsoft
Win32K
risk 0.51cvss 7.8epss 0.00
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2026-33835HigMay 12, 2026
Microsoft
Office
risk 0.51cvss 7.8epss 0.00
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-7925HigMay 6, 2026
Google
Chrome
risk 0.51cvss 7.8epss 0.00
Use after free in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)
CVE-2026-24082HigMay 4, 2026
Qualcomm
Fastconnect 6900 Firmware
risk 0.51cvss 7.8epss 0.00
Memory Corruption when copying data from a freed source while executing performance counter deselect operation.
CVE-2026-5943HigApr 27, 2026
Foxitsoftware
PDF Reader
risk 0.51cvss 7.8epss 0.00
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during…
CVE-2026-5940HigApr 27, 2026
Foxitsoftware
PDF Reader
risk 0.51cvss 7.8epss 0.00
Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes.
CVE-2026-33023HigApr 14, 2026
Saitoha
Libsixel
risk 0.51cvss 7.8epss 0.00
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in load_with_gdkpixbuf() in loader.c. The cleanup path manually frees the…
CVE-2026-27292HigApr 14, 2026
Adobe Inc.
Framemaker
risk 0.51cvss 7.8epss 0.00
Adobe Framemaker versions 2022.8 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-33101HigApr 14, 2026
Microsoft
Windows Print Spooler Components
risk 0.51cvss 7.8epss 0.00
Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.
CVE-2026-33098HigApr 14, 2026
Microsoft
Windows Server 2003
risk 0.51cvss 7.8epss 0.00
Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-33095HigApr 14, 2026
Microsoft
Office Word
risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-32200HigApr 14, 2026
Microsoft
Office
risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.