Skip to main content

CWE-416

Use After Free

6120 CVEs Avg CVSS 7.9 MITRE
668
CRITICAL
4520
HIGH
871
MEDIUM
56
LOW
828
POC
88
KEV

Monthly

CVE-2026-56434 HIGH PATCH This Week

Heap buffer over-read in the ngx_http_ssi_module of NGINX Open Source and NGINX Plus lets an unauthenticated man-in-the-middle attacker who can control upstream responses corrupt worker-process memory or crash the worker, but only in the non-default configuration combining Server-Side Includes, proxy_pass, and proxy_buffering off. The impact is confined to the data plane with no control-plane exposure, yielding limited memory modification and worker restarts (denial of service) rather than full code execution. No public exploit identified at time of analysis, though a vendor patch is available and the flaw carries a CVSS 4.0 score of 8.3.

Nginx Use After Free Memory Corruption Information Disclosure Nginx Plus +1
NVD
CVSS 4.0
8.3
CVE-2026-61860 MEDIUM PATCH This Month

Use-after-free in ImageMagick's FreeType integration path allows remote denial of service against image processing pipelines using vulnerable 6.x or 7.x releases. When FreeType initialization fails during an image processing operation, the affected code path neglects to exit cleanly and continues referencing already-freed memory, causing process corruption or crash. No public exploit identified at time of analysis; the CVSS 4.0 score of 6.3 with AC:H and AT:P reflects meaningful preconditions required to trigger the failure path.

Use After Free Memory Corruption Denial Of Service Imagemagick
NVD GitHub
CVSS 4.0
6.3
CVE-2026-15777 HIGH PATCH This Week

Use after free in UI in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Google Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-15774 HIGH PATCH This Week

Use after free in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Use After Free Memory Corruption Denial Of Service
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-15773 CRITICAL PATCH Act Now

Use after free in Core in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Use After Free Denial Of Service Google Microsoft Memory Corruption
NVD VulDB
CVSS 3.1
9.6
EPSS
0.3%
CVE-2026-15772 HIGH PATCH This Week

Use after free in GPU in Google Chrome on Android prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Use After Free Memory Corruption Denial Of Service
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-15765 HIGH PATCH This Week

Use after free in Ozone in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Google Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-15764 HIGH PATCH This Week

Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Google Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-58637 HIGH PATCH This Week

Local privilege escalation in the Microsoft Windows Client-Side Caching (CSC) Service, driven by a use-after-free (CWE-416) memory-corruption flaw affecting Windows 10 (1607 through 22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2012 through 2025. An authorized attacker who already holds low-level privileges (PR:L) on the host can trigger the freed-object reuse to gain elevated, likely SYSTEM-level, privileges. The issue was reported by Microsoft with a patch available; there is no public exploit identified at time of analysis and no CISA KEV listing.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-58634 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows 11 (version 26H1) Desktop Window Manager (DWM) allows an authenticated low-privileged user to gain SYSTEM-level control by exploiting a use-after-free (CWE-416) memory-corruption flaw. Reported by Microsoft and carrying a CVSS 3.1 score of 7.8, the flaw grants full confidentiality, integrity, and availability impact once triggered locally. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV, but DWM EoP bugs are a historically favored post-compromise primitive.

Use After Free Memory Corruption Denial Of Service Windows 11 Version 26H1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVSS 8.3
HIGH PATCH This Week

Heap buffer over-read in the ngx_http_ssi_module of NGINX Open Source and NGINX Plus lets an unauthenticated man-in-the-middle attacker who can control upstream responses corrupt worker-process memory or crash the worker, but only in the non-default configuration combining Server-Side Includes, proxy_pass, and proxy_buffering off. The impact is confined to the data plane with no control-plane exposure, yielding limited memory modification and worker restarts (denial of service) rather than full code execution. No public exploit identified at time of analysis, though a vendor patch is available and the flaw carries a CVSS 4.0 score of 8.3.

Nginx Use After Free Memory Corruption +3
NVD
CVSS 6.3
MEDIUM PATCH This Month

Use-after-free in ImageMagick's FreeType integration path allows remote denial of service against image processing pipelines using vulnerable 6.x or 7.x releases. When FreeType initialization fails during an image processing operation, the affected code path neglects to exit cleanly and continues referencing already-freed memory, causing process corruption or crash. No public exploit identified at time of analysis; the CVSS 4.0 score of 6.3 with AC:H and AT:P reflects meaningful preconditions required to trigger the failure path.

Use After Free Memory Corruption Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Use after free in UI in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Google Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Use After Free Memory Corruption +1
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Use after free in Core in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Use After Free Denial Of Service Google +2
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in GPU in Google Chrome on Android prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Use After Free Memory Corruption +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Use after free in Ozone in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Google Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Google Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Local privilege escalation in the Microsoft Windows Client-Side Caching (CSC) Service, driven by a use-after-free (CWE-416) memory-corruption flaw affecting Windows 10 (1607 through 22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2012 through 2025. An authorized attacker who already holds low-level privileges (PR:L) on the host can trigger the freed-object reuse to gain elevated, likely SYSTEM-level, privileges. The issue was reported by Microsoft with a patch available; there is no public exploit identified at time of analysis and no CISA KEV listing.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows 11 (version 26H1) Desktop Window Manager (DWM) allows an authenticated low-privileged user to gain SYSTEM-level control by exploiting a use-after-free (CWE-416) memory-corruption flaw. Reported by Microsoft and carrying a CVSS 3.1 score of 7.8, the flaw grants full confidentiality, integrity, and availability impact once triggered locally. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV, but DWM EoP bugs are a historically favored post-compromise primitive.

Use After Free Memory Corruption Denial Of Service +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy