CWE-416

Use After Free

VariantStableLikelihood: High

Description

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Hierarchy (View 1000)

Parents

CWE-825

Children

none

CVEs mapped to this weakness (1,644)

page 44 of 83

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2026-28883	—	Hig	0.49	7.5	May 11, 2026	A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-7976	Google Chrome	Hig	0.49	7.5	May 6, 2026	Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2026-7929	Google Chrome	Hig	0.49	7.5	May 6, 2026	Use after free in MediaRecording in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7897	Google Chrome	Hig	0.49	7.5	May 6, 2026	Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-7357	Google Chrome	Hig	0.49	7.5	Apr 28, 2026	Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7349	Google Chrome	Hig	0.49	7.5	Apr 28, 2026	Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High)
CVE-2026-7343	Google Chrome	Hig	0.49	7.5	Apr 28, 2026	Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-7338	Google Chrome	Hig	0.49	7.5	Apr 28, 2026	Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)
CVE-2026-6786	Mozilla Corporation Firefox	Hig	0.49	7.5	Apr 26, 2026	Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This…
CVE-2026-6785	Mozilla Corporation Firefox	Hig	0.49	7.5	Apr 26, 2026	Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary…
CVE-2026-6784	Mozilla Corporation Firefox	Hig	0.49	7.5	Apr 21, 2026	Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150 and…
CVE-2026-6759	Mozilla Corporation Firefox	Hig	0.49	7.5	Apr 21, 2026	Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVE-2026-6758	Thunderbird Thunderbird	Hig	0.49	7.5	Apr 21, 2026	Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVE-2026-6754	Mozilla Corporation Firefox	Hig	0.49	7.5	Apr 21, 2026	Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVE-2026-6747	Mozilla Corporation Firefox	Hig	0.49	7.5	Apr 21, 2026	Use-after-free in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVE-2026-6746	Mozilla Corporation Firefox	Hig	0.49	7.5	Apr 21, 2026	Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVE-2026-6319	Google Chrome	Hig	0.49	7.5	Apr 15, 2026	Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-5284	Google Chrome	Hig	0.49	7.5	Apr 1, 2026	Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-4684	Mozilla Corporation Firefox	Hig	0.49	7.5	Mar 24, 2026	Race condition, use-after-free in the Graphics: WebRender component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2025-12105	GNOME Foundation Libsoup	Hig	0.49	7.5	Oct 23, 2025	A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed…

CVE-2026-28883HigMay 11, 2026
risk 0.49cvss 7.5epss 0.00
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-7976HigMay 6, 2026
Google
Chrome
risk 0.49cvss 7.5epss 0.00
Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2026-7929HigMay 6, 2026
Google
Chrome
risk 0.49cvss 7.5epss 0.00
Use after free in MediaRecording in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7897HigMay 6, 2026
Google
Chrome
risk 0.49cvss 7.5epss 0.00
Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-7357HigApr 28, 2026
Google
Chrome
risk 0.49cvss 7.5epss 0.00
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7349HigApr 28, 2026
Google
Chrome
risk 0.49cvss 7.5epss 0.00
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High)
CVE-2026-7343HigApr 28, 2026
Google
Chrome
risk 0.49cvss 7.5epss 0.00
Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-7338HigApr 28, 2026
Google
Chrome
risk 0.49cvss 7.5epss 0.00
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)
CVE-2026-6786HigApr 26, 2026
Mozilla Corporation
Firefox
risk 0.49cvss 7.5epss 0.00
Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This…
CVE-2026-6785HigApr 26, 2026
Mozilla Corporation
Firefox
risk 0.49cvss 7.5epss 0.00
Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary…
CVE-2026-6784HigApr 21, 2026
Mozilla Corporation
Firefox
risk 0.49cvss 7.5epss 0.00
Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150 and…
CVE-2026-6759HigApr 21, 2026
Mozilla Corporation
Firefox
risk 0.49cvss 7.5epss 0.00
Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVE-2026-6758HigApr 21, 2026
Thunderbird
Thunderbird
risk 0.49cvss 7.5epss 0.00
Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVE-2026-6754HigApr 21, 2026
Mozilla Corporation
Firefox
risk 0.49cvss 7.5epss 0.00
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVE-2026-6747HigApr 21, 2026
Mozilla Corporation
Firefox
risk 0.49cvss 7.5epss 0.00
Use-after-free in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVE-2026-6746HigApr 21, 2026
Mozilla Corporation
Firefox
risk 0.49cvss 7.5epss 0.00
Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVE-2026-6319HigApr 15, 2026
Google
Chrome
risk 0.49cvss 7.5epss 0.00
Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-5284HigApr 1, 2026
Google
Chrome
risk 0.49cvss 7.5epss 0.00
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-4684HigMar 24, 2026
Mozilla Corporation
Firefox
risk 0.49cvss 7.5epss 0.00
Race condition, use-after-free in the Graphics: WebRender component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2025-12105HigOct 23, 2025
GNOME Foundation
Libsoup
risk 0.49cvss 7.5epss 0.00
A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed…