Skip to main content

Use After Free

6128 CVEs technique

Monthly

CVE-2026-26311 Go MEDIUM POC This Month

Envoy proxy versions before 1.37.1, 1.36.5, 1.35.8, and 1.34.13 contain a use-after-free vulnerability in the HTTP connection manager that allows attackers to trigger denial of service by sending data frames on streams after they have been reset. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw enables filter callbacks to execute on logically cleaned-up streams, potentially causing service disruption or state corruption.

Use After Free Envoy
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-27277 HIGH This Week

Arbitrary code execution in Substance 3D Stager 3.1.7 and earlier through a use-after-free memory vulnerability that triggers when users open specially crafted malicious files. An attacker can exploit this to execute code with the privileges of the affected user, though no patch is currently available to remediate the issue.

Use After Free Substance 3d Stager
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-27276 HIGH This Week

Arbitrary code execution in Substance 3D Stager 3.1.7 and earlier stems from a use-after-free vulnerability that executes with the privileges of the current user. An attacker can exploit this by crafting a malicious file that, when opened by a victim, triggers memory corruption and code execution. No patch is currently available for this high-severity vulnerability.

Use After Free Substance 3d Stager
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-30978 HIGH This Week

iccDEV provides a set of libraries and tools for working with ICC color management profiles. versions up to 2.3.1.5 is affected by use after free (CVSS 7.8).

Use After Free Denial Of Service Memory Corruption Iccdev
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-26132 HIGH PATCH This Week

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Use After Free Microsoft Memory Corruption Denial Of Service Windows
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26107 HIGH PATCH This Week

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Microsoft Use After Free Denial Of Service Memory Corruption Office Long Term Servicing Channel +4
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-25189 HIGH PATCH This Week

Privilege escalation in Windows DWM Core Library affects Windows 10 versions 21H2 and 1809 through a use-after-free memory corruption vulnerability that allows authenticated local attackers to gain system-level privileges. The vulnerability requires local access and valid user credentials but no user interaction, creating a significant risk for multi-user systems. No patch is currently available.

Use After Free Microsoft Denial Of Service Memory Corruption Windows 10 21h2 +5
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25178 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock (AFD) in Windows 11 versions 24h2 and 26h1 contains a use-after-free vulnerability (CWE-416) that allows authenticated local attackers to escalate privileges through memory corruption. An attacker with local access could exploit this flaw to gain elevated system permissions, though no official patch is currently available.

Use After Free Microsoft Denial Of Service Memory Corruption Windows 11 26h1 +14
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-25171 HIGH PATCH This Week

Privilege escalation in Windows Authentication Methods (Windows 10 22H2, Windows 11 26H1) stems from a use-after-free memory vulnerability that allows authenticated local attackers to gain elevated system privileges. The flaw requires low user privileges and manual interaction but provides complete system compromise through code execution. No patch is currently available for this high-severity vulnerability.

Use After Free Microsoft Denial Of Service Memory Corruption Windows 10 22h2 +14
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-25170 HIGH PATCH This Week

Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Microsoft Denial Of Service Memory Corruption Windows 11 23h2 +7
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-25167 HIGH PATCH This Week

Privilege escalation in Microsoft's Brokering File System on Windows 11 (24h2 and 25h2) stems from a use-after-free vulnerability that allows local attackers to gain elevated system privileges. An attacker with local access can exploit memory corruption to execute arbitrary code with higher privileges, potentially compromising system integrity. No patch is currently available for this vulnerability.

Microsoft Use After Free Denial Of Service Memory Corruption Windows 11 24h2 +3
NVD VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-24292 HIGH PATCH This Week

Privilege escalation in Windows Connected Devices Platform Service (Cdpsvc) exploits a use-after-free memory vulnerability, affecting Windows 10 22h2 and Windows 11 (25h2, 26h1). An authenticated local attacker can leverage this flaw to gain system-level privileges on vulnerable systems. No patch is currently available for this high-severity vulnerability.

Use After Free Denial Of Service Memory Corruption Windows 10 22h2 Windows 11 25h2 +10
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24289 HIGH PATCH This Week

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Use After Free Microsoft Denial Of Service Memory Corruption Windows 10 22h2 +13
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-24285 HIGH PATCH This Week

Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Microsoft Denial Of Service Memory Corruption
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-23669 HIGH PATCH This Week

Remote code execution in Microsoft Windows Print Spooler Components via use-after-free memory corruption enables authenticated network attackers to execute arbitrary code with high privileges. The vulnerability requires valid credentials but no user interaction, presenting a significant risk to organizations where print services are accessible to untrusted internal or remote users. No patch is currently available.

Use After Free Microsoft Denial Of Service Memory Corruption Windows
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-23667 HIGH PATCH This Week

Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Windows 10 1809 Windows 11 26h1 Windows 11 24h2 Windows 11 25h2 +4
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-28688 NuGet MEDIUM PATCH This Month

ImageMagick versions prior to 7.1.2-16 and 6.9.13-41 contain a heap-use-after-free vulnerability in the MSL encoder that can be triggered by local attackers to cause denial of service through double-free conditions on cloned images. The vulnerability requires local access with no special privileges or user interaction, resulting in application crashes or potential memory corruption. No patch is currently available for affected versions.

Use After Free Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-28687 NuGet MEDIUM PATCH This Month

Heap use-after-free in ImageMagick's MSL decoder (versions before 7.1.2-16 and 6.9.13-41) allows remote attackers to trigger memory access violations via specially crafted MSL files, resulting in denial of service. The vulnerability requires no authentication or user interaction and affects systems processing untrusted image files. No patch is currently available for this MEDIUM severity issue.

Use After Free Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28799 HIGH PATCH This Week

PJSIP versions prior to 2.17 contain a heap use-after-free vulnerability in the event subscription framework that can be triggered through presence unsubscription requests, allowing remote attackers without authentication to cause denial of service. The vulnerability resides in the evsub.c component and is exploitable over the network with no user interaction required. A patch is available in version 2.17 and later.

Use After Free Pjsip Red Hat
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-13350 This Week

Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 ("af_unix: Don’t call skb_get() for OOB skb"). When orphaned MSG_OOB sockets hit unix_gc(), the garbage collector still calls kfree_skb() as if OOB SKBs held two references; on Ubuntu Linux 6.8 (Noble Numbat) kernel tree, they have only the queue reference, so the buffer is freed while still reachable and subsequent queue walks dereference freed memory, yielding a reliable local privile...

Linux Ubuntu Use After Free Privilege Escalation Linux Kernel
NVD
EPSS
0.0%
CVE-2026-22040 MEDIUM This Month

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. [CVSS 5.3 MEDIUM]

Memory Corruption Use After Free Buffer Overflow Nanomq
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-23234 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's f2fs filesystem allows a local attacker with user privileges to trigger memory corruption and crash the system through a race condition between I/O completion and filesystem unmount operations. The vulnerability occurs when a loop device completes write operations concurrently with an unmount that frees filesystem structures still being accessed by pending I/O handlers. This issue has no available patch and requires kernel-level access to exploit.

Linux Use After Free Information Disclosure Memory Corruption Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23231 HIGH POC PATCH CISA Act Now

A use-after-free vulnerability in the Linux kernel's netfilter nf_tables chain registration allows local attackers with user privileges to trigger memory corruption and cause a denial of service, potentially leading to privilege escalation. The flaw occurs when hook registration fails during chain addition, allowing concurrent operations to access freed memory without proper RCU synchronization. The vulnerability affects systems running vulnerable Linux kernels with netfilter enabled, and no patch is currently available.

Linux Use After Free Information Disclosure Memory Corruption
NVD VulDB Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
Threat
5.1
CVE-2026-0027 MEDIUM PATCH This Month

The ARM SMMU v3 driver in Android contains a use-after-free vulnerability in the smmu_detach_dev function that could allow a local privileged attacker to execute arbitrary code with system privileges. An attacker with high-level system access can trigger an out-of-bounds write to escalate privileges without requiring user interaction. A patch is available to address this issue.

Use After Free Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-48641 HIGH This Week

In multiple functions of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.0 HIGH]

Use After Free Privilege Escalation Race Condition Android Google
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-20443 MEDIUM This Month

Local privilege escalation in Android's display subsystem exploits a use-after-free memory corruption vulnerability to elevate from system-level privileges, requiring no user interaction. An attacker with pre-existing system access can trigger the memory corruption to gain complete control over the affected device. No patch is currently available to remediate this issue.

Use After Free Memory Corruption Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-20442 MEDIUM This Month

Android's display subsystem crashes due to a use-after-free memory error that allows a privileged local attacker to trigger a denial of service without user interaction. Exploitation requires pre-existing system-level access, limiting impact to scenarios where an attacker has already compromised the device at the highest privilege level. No patch is currently available for this vulnerability.

Use After Free Denial Of Service Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-20439 MEDIUM This Month

Android's imgsys component is vulnerable to a use-after-free condition that enables local denial of service attacks. Exploitation requires system-level privileges and causes immediate system crashes without user interaction. No patch is currently available for this vulnerability.

Use After Free Denial Of Service Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-20437 MEDIUM This Month

Android MAE component is vulnerable to a use-after-free condition that can trigger a system crash, resulting in denial of service for devices where an attacker has already obtained system-level privileges. No user interaction is required for exploitation. Currently, no patch is available for this vulnerability.

Use After Free Denial Of Service Android Google
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-27950 HIGH PATCH This Week

FreeRDP versions prior to 3.23.0 contain an incomplete fix for a heap-use-after-free vulnerability that affects only the SDL2 code path, where freed memory pointers are not properly nulled, allowing an unauthenticated attacker to trigger a denial of service condition. Users running FreeRDP with SDL2 backends remain vulnerable despite the advisory claiming the issue was resolved. Upgrade to version 3.23.0 or later to obtain the complete fix.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25997 CRITICAL POC PATCH Act Now

Use-after-free in FreeRDP xf_clipboard_format_equal before 3.23.0. Clipboard format comparison uses freed memory. Fifth FreeRDP UAF. PoC and patch available.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-25959 CRITICAL POC PATCH Act Now

Use-after-free in FreeRDP xf_cliprdr_provide_data clipboard handling before 3.23.0. Clipboard data exchange triggers memory corruption. PoC and patch available.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-25955 CRITICAL POC PATCH Act Now

Use-after-free in FreeRDP xf_AppUpdateWindowFromSurface before 3.23.0. Different code path from CVE-2026-25953. PoC and patch available.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-25953 CRITICAL POC PATCH Act Now

Use-after-free in FreeRDP xf_AppUpdateWindowFromSurface before 3.23.0. Surface-to-window update triggers memory corruption. PoC and patch available.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2804 MEDIUM PATCH This Month

A use-after-free vulnerability in Firefox and Thunderbird's JavaScript WebAssembly engine allows remote attackers to achieve information disclosure or data manipulation through a malicious webpage or email attachment that requires user interaction. Affected versions include Firefox below 148 and Thunderbird below 148, with no patch currently available. The vulnerability has a network attack vector with low complexity and carries a CVSS score of 5.4.

Use After Free Memory Corruption Mozilla Information Disclosure
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2799 CRITICAL PATCH Act Now

Use-after-free in Firefox DOM Core & HTML before 148. DOM object lifecycle error.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2798 HIGH PATCH This Week

A use-after-free vulnerability in Firefox and Thunderbird's DOM processing allows remote attackers to execute arbitrary code through a malicious webpage or email attachment, requiring only user interaction to trigger. This affects Firefox versions below 148 and Thunderbird versions below 148, with no patch currently available.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2797 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript GC before 148. Second GC UAF, different from CVE-2026-2795.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2795 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript GC component before 148. GC-specific UAF affecting only mainline Firefox and Thunderbird.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2789 CRITICAL PATCH Act Now

Use-after-free in Firefox ImageLib graphics component before 148. Image processing triggers use of freed memory.

Use After Free Memory Corruption Mozilla Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2787 CRITICAL PATCH Act Now

Use-after-free in Firefox DOM Window and Location component before 148. Window/Location lifecycle management error.

Use After Free Memory Corruption Mozilla Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2786 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript Engine before 148. Fourth distinct JS engine UAF in this release.

Use After Free Memory Corruption Mozilla Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2772 CRITICAL PATCH Act Now

Use-after-free in Firefox Audio/Video Playback component before 148. Media playback triggers memory corruption.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2770 CRITICAL PATCH Act Now

Use-after-free in Firefox DOM Bindings (WebIDL) component before 148. Memory corruption in the interface between JavaScript and native DOM objects.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2769 HIGH PATCH This Week

A use-after-free vulnerability in the IndexedDB storage component of Firefox and Thunderbird allows remote attackers to achieve arbitrary code execution through user interaction. Affected versions include Firefox below 148, Firefox ESR below 115.33 and 140.8, and Thunderbird below 148 and 140.8. No patch is currently available for this high-severity flaw.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2767 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript WebAssembly component before 148. WebAssembly-specific memory management bug.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2766 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript JIT compiler before 148. Second JIT-related UAF in this release, different from CVE-2026-2764.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2765 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript Engine before 148 and Thunderbird ESR 140.8. Separate UAF from CVE-2026-2763 and CVE-2026-2758.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2764 CRITICAL PATCH Act Now

JIT miscompilation causing use-after-free in Firefox JavaScript JIT compiler before 148. JIT bugs are highly exploitable due to their deterministic nature.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2763 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript Engine before 148. One of multiple JS engine UAFs fixed in this release.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2758 CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript garbage collector before 148 allows remote code execution through crafted JavaScript.

Use After Free Memory Corruption Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-25983 NuGet MEDIUM PATCH This Month

ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 are vulnerable to a heap-use-after-free condition when processing specially crafted MSL scripts, allowing unauthenticated remote attackers to cause denial of service. The vulnerability occurs when the operation element handler frees image data while the parser continues accessing it, leading to memory corruption during subsequent parsing operations. No patch is currently available for affected versions.

Use After Free Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-2408 MEDIUM This Month

Tanium addressed a use-after-free vulnerability in the Cloud Workloads Enforce client extension. [CVSS 4.7 MEDIUM]

Use After Free Cloud Workloads
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-26203 MEDIUM PATCH This Month

PJSIP versions before 2.17 contain a use-after-free vulnerability in the H.264 packetizer that allows local attackers with user privileges to cause denial of service through malformed H.264 bitstreams lacking proper NAL unit markers. The flaw stems from inadequate pointer validation during packet processing, enabling out-of-bounds memory access that crashes the application. A patch is available in version 2.17 and later.

Use After Free Pjsip
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-23227 HIGH PATCH This Week

Use-after-free in Linux kernel's Exynos Virtual Display (drm/exynos vidi) driver allows local authenticated users to potentially execute arbitrary code, escalate privileges, or cause denial of service. The vulnerability stems from missing lock protection during concurrent memory allocation/deallocation operations in the vidi_context structure. EPSS score of 0.02% indicates low observed exploitation probability. Vendor patches available across multiple kernel stable branches.

Linux Use After Free Information Disclosure Samsung Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23226 HIGH PATCH This Week

The Linux kernel ksmbd subsystem contains a use-after-free vulnerability in multi-channel session handling due to missing synchronization on the ksmbd_chann_list xarray, allowing a local attacker with user privileges to cause memory corruption and potentially execute arbitrary code. The vulnerability affects the channel lookup and deletion operations between multiple concurrent sessions. A patch is available to add proper locking mechanisms to protect xarray access.

Linux Use After Free Memory Corruption Information Disclosure Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-23224 HIGH PATCH This Week

The Linux kernel erofs file system contains a use-after-free vulnerability in direct I/O file-backed mount operations that allows local attackers with user privileges to cause memory corruption and potentially achieve code execution or denial of service. The vulnerability occurs when accessing files through the directio option, where freed memory is subsequently accessed during I/O operations. A patch is not currently available, making this a critical concern for systems running affected Linux kernel versions.

Linux Information Disclosure Memory Corruption Use After Free Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23223 HIGH PATCH This Week

Use-after-free vulnerability in Linux kernel XFS subsystem allows local attackers with unprivileged access to cause memory corruption and potential privilege escalation through improper pointer dereferencing in the btree block owner checking function. The flaw stems from attempting to access freed memory due to incorrect temporal ordering of operations when determining cursor aliases. This vulnerability affects all Linux systems using XFS and currently lacks a patch.

Linux Information Disclosure Memory Corruption Use After Free Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23221 HIGH PATCH This Week

The Linux kernel's fsl-mc bus driver contains a use-after-free vulnerability in the driver_override_show() function that reads device configuration without proper locking, allowing a local privileged user to trigger memory corruption by concurrently modifying the same data. This vulnerability affects Linux systems running vulnerable kernel versions and could enable local denial of service or potential privilege escalation through heap memory manipulation. No patch is currently available for this issue.

Linux Use After Free Information Disclosure Memory Corruption Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23216 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's iSCSI target implementation allows local attackers with low privileges to cause memory corruption and potential denial of service by exploiting a race condition in the connection usage counting mechanism. The flaw occurs when a spinlock is released after calling complete(), allowing a waiting thread to free the connection structure before the current thread finishes its unlock operation. No patch is currently available for this vulnerability.

Linux Use After Free Memory Corruption Information Disclosure Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25087 PyPI HIGH PATCH GHSA This Week

Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. [CVSS 7.0 HIGH]

Apache Python Ruby Use After Free Memory Corruption +4
NVD GitHub
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-23209 HIGH PATCH This Week

Local privilege escalation in the Linux kernel macvlan driver allows a local attacker with user privileges to cause memory corruption and kernel crashes through improper error handling in macvlan_common_newlink(). The vulnerability stems from a use-after-free condition when macvlan link creation fails during device registration, enabling denial of service and potential privilege escalation on affected systems.

Linux Use After Free Denial Of Service Memory Corruption Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23202 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer The curr_xfer field is read by the IRQ handler without holding the lock to check if a transfer is in progress.

Linux Use After Free Null Pointer Dereference Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23195 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: cgroup/dmem: avoid pool UAF An UAF issue was observed: BUG: KASAN: slab-use-after-free in page_counter_uncharge+0x65/0x150 Write of size 8 at addr ffff888106715440 by task insmod/527 CPU: 4 UID: 0 PID: 527 Comm: insmod 6.19.0-rc7-next-20260129+ #11 Tainted: [O]=OOT_MODULE Call Trace: <TASK> dump_stack_lvl+0x82/0xd0 kasan_report+0xca/0x100 kasan_check_range+0x39/0x1c0 page_counter_uncharge+0x65/0x150 dmem_cgroup_uncharge+0x1f/0x260 Allocated by task 527: Freed by task 0: The buggy address belongs to the object at ffff888106715400 which belongs to the cache kmalloc-512 of size 512 The buggy address is located 64 bytes inside of freed 512-byte region [ffff888106715400, ffff888106715600) The buggy address belongs to the physical page: Memory state around the buggy address: ffff888106715300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff888106715380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc >ffff888106715400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff888106715480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff888106715500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb The issue occurs because a pool can still be held by a caller after its associated memory region is unregistered.

Linux Use After Free Memory Corruption Information Disclosure Red Hat +1
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-23193 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() In iscsit_dec_session_usage_count(), the function calls complete() while holding the sess->session_usage_lock.

Linux Use After Free Memory Corruption Information Disclosure Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-23192 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: linkwatch: use __dev_put() in callers to prevent UAF After linkwatch_do_dev() calls __dev_put() to release the linkwatch reference, the device refcount may drop to 1.

Linux Debian Use After Free Information Disclosure Memory Corruption +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23191 HIGH PATCH This Week

The Linux kernel's ALSA loopback driver contains a use-after-free vulnerability in the PCM trigger callback due to inadequate locking when accessing shared cable state during concurrent stream operations. A local attacker with minimal privileges can trigger this flaw by rapidly opening, closing, and triggering PCM streams, potentially causing kernel crashes or memory corruption. No patch is currently available for this vulnerability.

Linux Information Disclosure Memory Corruption Use After Free Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23185 HIGH PATCH This Week

The Linux kernel iwlwifi driver fails to properly cancel the mlo_scan_start_wk work queue item during disconnection, allowing it to execute after associated data structures are freed or modified. A local attacker with standard user privileges can trigger use-after-free or initialization-after-free memory corruption by manipulating interface state transitions, potentially leading to denial of service or privilege escalation. No patch is currently available.

Linux Use After Free Memory Corruption Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23184 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's binder subsystem allows local attackers with low privileges to cause memory corruption by accessing transaction objects after they have been freed during frozen target thawing. The flaw exists in binder_netlink_report() which dereferences a transaction pointer following a BR_TRANSACTION_PENDING_FROZEN error, potentially enabling denial of service or local privilege escalation. No patch is currently available.

Linux Use After Free Memory Corruption Information Disclosure Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23171 HIGH PATCH This Week

The Linux kernel bonding driver contains a use-after-free vulnerability in the slave device initialization path that allows local attackers with user privileges to cause memory corruption or denial of service. The flaw occurs when slave array updates happen before XDP setup completion, enabling the new slave to be used for transmission before being freed by error cleanup handlers. This affects Debian, Ubuntu, and other Linux distributions running vulnerable kernel versions.

Linux Debian Use After Free Denial Of Service Canonical +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23158 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's gpio-virtuser configfs release path allows local users with standard privileges to trigger memory corruption and potentially achieve code execution by causing mutex operations on freed memory. The flaw exists because the device structure is freed while a mutex guard scope is still active, leading to undefined behavior when the guard attempts to unlock the already-destroyed mutex. This vulnerability affects Linux systems with the affected kernel versions and requires local access to exploit.

Linux Use After Free Memory Corruption Information Disclosure Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-2441 HIGH POC KEV PATCH THREAT Act Now

Google Chrome's CSS engine contains a use-after-free vulnerability (CVE-2026-2441, CVSS 8.8) that allows remote attackers to execute arbitrary code within the browser sandbox through crafted HTML pages. KEV-listed with public PoC, this vulnerability enables drive-by exploitation when users visit malicious or compromised websites.

Google Use After Free Chrome Red Hat Suse
NVD GitHub VulDB Exploit-DB
CVSS 3.1
8.8
EPSS
0.1%
Threat
4.8
CVE-2026-23111 HIGH PATCH CISA Act Now

A use-after-free vulnerability in the Linux kernel's netfilter nf_tables module allows local attackers with unprivileged access to cause memory corruption and denial of service through an inverted logic check in catchall map element activation during failed transactions. The flaw occurs in nft_map_catchall_activate() which incorrectly processes already-active elements instead of inactive ones, potentially leading to privilege escalation or system crash. No patch is currently available.

Linux Use After Free Privilege Escalation Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-2321 HIGH PATCH This Week

Heap corruption in Google Chrome's Ozone component (versions prior to 145.0.7632.45) stems from a use-after-free vulnerability that can be triggered when users interact with malicious HTML pages through specific UI gestures. An unauthenticated remote attacker can exploit this to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. No patch is currently available, leaving affected Chrome users vulnerable to exploitation.

Google Use After Free Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2313 HIGH PATCH This Week

Heap corruption in Google Chrome's CSS engine prior to version 145.0.7632.45 can be triggered through crafted HTML pages, enabling remote attackers to achieve arbitrary code execution without user interaction beyond viewing a malicious webpage. The vulnerability stems from a use-after-free memory flaw that affects all Chrome users, and currently no patch is available. With a CVSS score of 8.8 and low exploit difficulty, this represents a critical risk to active Chrome installations.

Google Use After Free Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-0031 This Week

A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity.

Use After Free
NVD
EPSS
0.0%
CVE-2026-21351 HIGH This Week

Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free memory vulnerability requires user interaction to open a specially crafted file. An attacker can exploit this flaw to execute malicious code with the privileges of the affected user. No patch is currently available.

Use After Free After Effects
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21329 HIGH This Week

Arbitrary code execution in Adobe After Effects 25.6 and earlier via a use-after-free memory vulnerability that executes with user privileges when opening a malicious file. The vulnerability requires user interaction but has no available patch, leaving affected systems at risk from social engineering attacks delivering weaponized project files.

Use After Free After Effects
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21326 HIGH This Week

Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free memory vulnerability requires victims to open a malicious file. An attacker can execute commands with the privileges of the affected user without requiring special permissions. No patch is currently available for this high-severity vulnerability.

Use After Free After Effects
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21323 HIGH This Week

Arbitrary code execution in Adobe After Effects versions 25.6 and earlier through a use-after-free vulnerability that requires a user to open a malicious file. An attacker can execute arbitrary code with the privileges of the affected user by crafting a specially designed file. No patch is currently available.

Use After Free After Effects
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21320 HIGH This Week

Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free flaw allows attackers to execute commands with user privileges when a victim opens a crafted file. The vulnerability requires user interaction but poses high risk to creative professionals and design teams. No patch is currently available.

Use After Free After Effects
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21253 HIGH PATCH This Week

Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Denial Of Service Memory Corruption
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-21251 HIGH PATCH This Week

Privilege escalation in Windows Cluster Client Failover exploits a use-after-free memory vulnerability, enabling authenticated local users to gain elevated system privileges. The flaw affects Windows Server 2016, 2019, and 2025 installations where an attacker with existing local access can trigger the vulnerability through the failover clustering component. No patch is currently available for this high-severity vulnerability.

Windows Use After Free Windows Server 2019 Windows Server 2025 Windows Server 2016 +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21242 HIGH PATCH This Week

Windows Subsystem for Linux contains a use-after-free vulnerability that enables local privilege escalation for authenticated users. An attacker with valid local access could exploit this memory safety flaw to gain elevated system privileges on affected Windows Server 2022 systems.

Linux Windows Use After Free Windows Server 2022 Windows Server 2022 23h2 +7
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-21241 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock in Windows 11 23h2 and Windows Server 2022 23h2 contains a use-after-free vulnerability that allows authenticated local users to achieve privilege escalation. An attacker with local access and valid credentials can trigger the memory safety flaw to gain elevated system privileges. No patch is currently available for this HIGH severity vulnerability.

Windows Use After Free Windows Server 2022 23h2 Windows 11 23h2 Windows Server 2022 +4
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-21235 HIGH PATCH This Week

Privilege escalation in Microsoft Graphics Component via use-after-free memory corruption affects Windows Server 2019 and 2012, allowing authenticated local attackers to gain elevated system privileges with user interaction. The vulnerability poses a significant risk in industrial environments where Windows Server hosts critical infrastructure. No patch is currently available for this high-severity issue.

Microsoft Industrial Use After Free Windows Server 2019 Windows Server 2012 +7
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-24684 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the audio playback subsystem where the RDPSND async thread processes queued audio packets after the channel has been closed and its internal state freed, causing a denial of service. The vulnerability affects systems running vulnerable FreeRDP versions and can be exploited remotely without authentication or user interaction. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24683 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the input event handling mechanism where unsynchronized access to cached channel callbacks can be freed or reinitialized by concurrent channel closure operations. An attacker with network access can trigger a denial of service condition by exploiting this race condition. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24681 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the URBDRC channel handler where asynchronous bulk transfer completions reference freed memory after channel closure, enabling denial of service attacks. An unauthenticated remote attacker can trigger this condition through malformed RDP protocol messages to crash the FreeRDP service. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24680 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in pointer handling where sdl_Pointer_New and sdl_Pointer_Free both attempt to free the same memory, causing a denial of service condition. An attacker with network access can trigger this memory corruption to crash RDP client instances without authentication. The vulnerability affects all users of vulnerable FreeRDP versions and is resolved in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 5.9
MEDIUM POC This Month

Envoy proxy versions before 1.37.1, 1.36.5, 1.35.8, and 1.34.13 contain a use-after-free vulnerability in the HTTP connection manager that allows attackers to trigger denial of service by sending data frames on streams after they have been reset. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw enables filter callbacks to execute on logically cleaned-up streams, potentially causing service disruption or state corruption.

Use After Free Envoy
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Substance 3D Stager 3.1.7 and earlier through a use-after-free memory vulnerability that triggers when users open specially crafted malicious files. An attacker can exploit this to execute code with the privileges of the affected user, though no patch is currently available to remediate the issue.

Use After Free Substance 3d Stager
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Substance 3D Stager 3.1.7 and earlier stems from a use-after-free vulnerability that executes with the privileges of the current user. An attacker can exploit this by crafting a malicious file that, when opened by a victim, triggers memory corruption and code execution. No patch is currently available for this high-severity vulnerability.

Use After Free Substance 3d Stager
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

iccDEV provides a set of libraries and tools for working with ICC color management profiles. versions up to 2.3.1.5 is affected by use after free (CVSS 7.8).

Use After Free Denial Of Service Memory Corruption +1
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Use After Free Microsoft Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Microsoft Use After Free Denial Of Service +6
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows DWM Core Library affects Windows 10 versions 21H2 and 1809 through a use-after-free memory corruption vulnerability that allows authenticated local attackers to gain system-level privileges. The vulnerability requires local access and valid user credentials but no user interaction, creating a significant risk for multi-user systems. No patch is currently available.

Use After Free Microsoft Denial Of Service +7
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock (AFD) in Windows 11 versions 24h2 and 26h1 contains a use-after-free vulnerability (CWE-416) that allows authenticated local attackers to escalate privileges through memory corruption. An attacker with local access could exploit this flaw to gain elevated system permissions, though no official patch is currently available.

Use After Free Microsoft Denial Of Service +16
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Privilege escalation in Windows Authentication Methods (Windows 10 22H2, Windows 11 26H1) stems from a use-after-free memory vulnerability that allows authenticated local attackers to gain elevated system privileges. The flaw requires low user privileges and manual interaction but provides complete system compromise through code execution. No patch is currently available for this high-severity vulnerability.

Use After Free Microsoft Denial Of Service +16
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Microsoft Denial Of Service +9
NVD VulDB
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Privilege escalation in Microsoft's Brokering File System on Windows 11 (24h2 and 25h2) stems from a use-after-free vulnerability that allows local attackers to gain elevated system privileges. An attacker with local access can exploit memory corruption to execute arbitrary code with higher privileges, potentially compromising system integrity. No patch is currently available for this vulnerability.

Microsoft Use After Free Denial Of Service +5
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows Connected Devices Platform Service (Cdpsvc) exploits a use-after-free memory vulnerability, affecting Windows 10 22h2 and Windows 11 (25h2, 26h1). An authenticated local attacker can leverage this flaw to gain system-level privileges on vulnerable systems. No patch is currently available for this high-severity vulnerability.

Use After Free Denial Of Service Memory Corruption +12
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Use After Free Microsoft Denial Of Service +15
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Microsoft Denial Of Service +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Microsoft Windows Print Spooler Components via use-after-free memory corruption enables authenticated network attackers to execute arbitrary code with high privileges. The vulnerability requires valid credentials but no user interaction, presenting a significant risk to organizations where print services are accessible to untrusted internal or remote users. No patch is currently available.

Use After Free Microsoft Denial Of Service +2
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Windows 10 1809 Windows 11 26h1 +6
NVD VulDB
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

ImageMagick versions prior to 7.1.2-16 and 6.9.13-41 contain a heap-use-after-free vulnerability in the MSL encoder that can be triggered by local attackers to cause denial of service through double-free conditions on cloned images. The vulnerability requires local access with no special privileges or user interaction, resulting in application crashes or potential memory corruption. No patch is currently available for affected versions.

Use After Free Imagemagick Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Heap use-after-free in ImageMagick's MSL decoder (versions before 7.1.2-16 and 6.9.13-41) allows remote attackers to trigger memory access violations via specially crafted MSL files, resulting in denial of service. The vulnerability requires no authentication or user interaction and affects systems processing untrusted image files. No patch is currently available for this MEDIUM severity issue.

Use After Free Imagemagick Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

PJSIP versions prior to 2.17 contain a heap use-after-free vulnerability in the event subscription framework that can be triggered through presence unsubscription requests, allowing remote attackers without authentication to cause denial of service. The vulnerability resides in the evsub.c component and is exploitable over the network with no user interaction required. A patch is available in version 2.17 and later.

Use After Free Pjsip Red Hat
NVD GitHub VulDB
EPSS 0%
This Week

Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 ("af_unix: Don’t call skb_get() for OOB skb"). When orphaned MSG_OOB sockets hit unix_gc(), the garbage collector still calls kfree_skb() as if OOB SKBs held two references; on Ubuntu Linux 6.8 (Noble Numbat) kernel tree, they have only the queue reference, so the buffer is freed while still reachable and subsequent queue walks dereference freed memory, yielding a reliable local privile...

Linux Ubuntu Use After Free +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. [CVSS 5.3 MEDIUM]

Memory Corruption Use After Free Buffer Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's f2fs filesystem allows a local attacker with user privileges to trigger memory corruption and crash the system through a race condition between I/O completion and filesystem unmount operations. The vulnerability occurs when a loop device completes write operations concurrently with an unmount that frees filesystem structures still being accessed by pending I/O handlers. This issue has no available patch and requires kernel-level access to exploit.

Linux Use After Free Information Disclosure +4
NVD VulDB
EPSS 0% 5.1 CVSS 7.8
HIGH POC PATCH Act Now

A use-after-free vulnerability in the Linux kernel's netfilter nf_tables chain registration allows local attackers with user privileges to trigger memory corruption and cause a denial of service, potentially leading to privilege escalation. The flaw occurs when hook registration fails during chain addition, allowing concurrent operations to access freed memory without proper RCU synchronization. The vulnerability affects systems running vulnerable Linux kernels with netfilter enabled, and no patch is currently available.

Linux Use After Free Information Disclosure +1
NVD VulDB Exploit-DB
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

The ARM SMMU v3 driver in Android contains a use-after-free vulnerability in the smmu_detach_dev function that could allow a local privileged attacker to execute arbitrary code with system privileges. An attacker with high-level system access can trigger an out-of-bounds write to escalate privileges without requiring user interaction. A patch is available to address this issue.

Use After Free Privilege Escalation Android +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In multiple functions of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.0 HIGH]

Use After Free Privilege Escalation Race Condition +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Local privilege escalation in Android's display subsystem exploits a use-after-free memory corruption vulnerability to elevate from system-level privileges, requiring no user interaction. An attacker with pre-existing system access can trigger the memory corruption to gain complete control over the affected device. No patch is currently available to remediate this issue.

Use After Free Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Android's display subsystem crashes due to a use-after-free memory error that allows a privileged local attacker to trigger a denial of service without user interaction. Exploitation requires pre-existing system-level access, limiting impact to scenarios where an attacker has already compromised the device at the highest privilege level. No patch is currently available for this vulnerability.

Use After Free Denial Of Service Android +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Android's imgsys component is vulnerable to a use-after-free condition that enables local denial of service attacks. Exploitation requires system-level privileges and causes immediate system crashes without user interaction. No patch is currently available for this vulnerability.

Use After Free Denial Of Service Android +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Android MAE component is vulnerable to a use-after-free condition that can trigger a system crash, resulting in denial of service for devices where an attacker has already obtained system-level privileges. No user interaction is required for exploitation. Currently, no patch is available for this vulnerability.

Use After Free Denial Of Service Android +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.23.0 contain an incomplete fix for a heap-use-after-free vulnerability that affects only the SDL2 code path, where freed memory pointers are not properly nulled, allowing an unauthenticated attacker to trigger a denial of service condition. Users running FreeRDP with SDL2 backends remain vulnerable despite the advisory claiming the issue was resolved. Upgrade to version 3.23.0 or later to obtain the complete fix.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

Use-after-free in FreeRDP xf_clipboard_format_equal before 3.23.0. Clipboard format comparison uses freed memory. Fifth FreeRDP UAF. PoC and patch available.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

Use-after-free in FreeRDP xf_cliprdr_provide_data clipboard handling before 3.23.0. Clipboard data exchange triggers memory corruption. PoC and patch available.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

Use-after-free in FreeRDP xf_AppUpdateWindowFromSurface before 3.23.0. Different code path from CVE-2026-25953. PoC and patch available.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

Use-after-free in FreeRDP xf_AppUpdateWindowFromSurface before 3.23.0. Surface-to-window update triggers memory corruption. PoC and patch available.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

A use-after-free vulnerability in Firefox and Thunderbird's JavaScript WebAssembly engine allows remote attackers to achieve information disclosure or data manipulation through a malicious webpage or email attachment that requires user interaction. Affected versions include Firefox below 148 and Thunderbird below 148, with no patch currently available. The vulnerability has a network attack vector with low complexity and carries a CVSS score of 5.4.

Use After Free Memory Corruption Mozilla +1
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox DOM Core & HTML before 148. DOM object lifecycle error.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A use-after-free vulnerability in Firefox and Thunderbird's DOM processing allows remote attackers to execute arbitrary code through a malicious webpage or email attachment, requiring only user interaction to trigger. This affects Firefox versions below 148 and Thunderbird versions below 148, with no patch currently available.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript GC before 148. Second GC UAF, different from CVE-2026-2795.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript GC component before 148. GC-specific UAF affecting only mainline Firefox and Thunderbird.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox ImageLib graphics component before 148. Image processing triggers use of freed memory.

Use After Free Memory Corruption Mozilla +1
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox DOM Window and Location component before 148. Window/Location lifecycle management error.

Use After Free Memory Corruption Mozilla +1
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript Engine before 148. Fourth distinct JS engine UAF in this release.

Use After Free Memory Corruption Mozilla +1
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox Audio/Video Playback component before 148. Media playback triggers memory corruption.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox DOM Bindings (WebIDL) component before 148. Memory corruption in the interface between JavaScript and native DOM objects.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A use-after-free vulnerability in the IndexedDB storage component of Firefox and Thunderbird allows remote attackers to achieve arbitrary code execution through user interaction. Affected versions include Firefox below 148, Firefox ESR below 115.33 and 140.8, and Thunderbird below 148 and 140.8. No patch is currently available for this high-severity flaw.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript WebAssembly component before 148. WebAssembly-specific memory management bug.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript JIT compiler before 148. Second JIT-related UAF in this release, different from CVE-2026-2764.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript Engine before 148 and Thunderbird ESR 140.8. Separate UAF from CVE-2026-2763 and CVE-2026-2758.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

JIT miscompilation causing use-after-free in Firefox JavaScript JIT compiler before 148. JIT bugs are highly exploitable due to their deterministic nature.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript Engine before 148. One of multiple JS engine UAFs fixed in this release.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free in Firefox JavaScript garbage collector before 148 allows remote code execution through crafted JavaScript.

Use After Free Memory Corruption Mozilla +2
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 are vulnerable to a heap-use-after-free condition when processing specially crafted MSL scripts, allowing unauthenticated remote attackers to cause denial of service. The vulnerability occurs when the operation element handler frees image data while the parser continues accessing it, leading to memory corruption during subsequent parsing operations. No patch is currently available for affected versions.

Use After Free Imagemagick Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 4.7
MEDIUM This Month

Tanium addressed a use-after-free vulnerability in the Cloud Workloads Enforce client extension. [CVSS 4.7 MEDIUM]

Use After Free Cloud Workloads
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

PJSIP versions before 2.17 contain a use-after-free vulnerability in the H.264 packetizer that allows local attackers with user privileges to cause denial of service through malformed H.264 bitstreams lacking proper NAL unit markers. The flaw stems from inadequate pointer validation during packet processing, enabling out-of-bounds memory access that crashes the application. A patch is available in version 2.17 and later.

Use After Free Pjsip
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use-after-free in Linux kernel's Exynos Virtual Display (drm/exynos vidi) driver allows local authenticated users to potentially execute arbitrary code, escalate privileges, or cause denial of service. The vulnerability stems from missing lock protection during concurrent memory allocation/deallocation operations in the vidi_context structure. EPSS score of 0.02% indicates low observed exploitation probability. Vendor patches available across multiple kernel stable branches.

Linux Use After Free Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

The Linux kernel ksmbd subsystem contains a use-after-free vulnerability in multi-channel session handling due to missing synchronization on the ksmbd_chann_list xarray, allowing a local attacker with user privileges to cause memory corruption and potentially execute arbitrary code. The vulnerability affects the channel lookup and deletion operations between multiple concurrent sessions. A patch is available to add proper locking mechanisms to protect xarray access.

Linux Use After Free Memory Corruption +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Linux kernel erofs file system contains a use-after-free vulnerability in direct I/O file-backed mount operations that allows local attackers with user privileges to cause memory corruption and potentially achieve code execution or denial of service. The vulnerability occurs when accessing files through the directio option, where freed memory is subsequently accessed during I/O operations. A patch is not currently available, making this a critical concern for systems running affected Linux kernel versions.

Linux Information Disclosure Memory Corruption +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use-after-free vulnerability in Linux kernel XFS subsystem allows local attackers with unprivileged access to cause memory corruption and potential privilege escalation through improper pointer dereferencing in the btree block owner checking function. The flaw stems from attempting to access freed memory due to incorrect temporal ordering of operations when determining cursor aliases. This vulnerability affects all Linux systems using XFS and currently lacks a patch.

Linux Information Disclosure Memory Corruption +4
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Linux kernel's fsl-mc bus driver contains a use-after-free vulnerability in the driver_override_show() function that reads device configuration without proper locking, allowing a local privileged user to trigger memory corruption by concurrently modifying the same data. This vulnerability affects Linux systems running vulnerable kernel versions and could enable local denial of service or potential privilege escalation through heap memory manipulation. No patch is currently available for this issue.

Linux Use After Free Information Disclosure +4
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's iSCSI target implementation allows local attackers with low privileges to cause memory corruption and potential denial of service by exploiting a race condition in the connection usage counting mechanism. The flaw occurs when a spinlock is released after calling complete(), allowing a waiting thread to free the connection structure before the current thread finishes its unlock operation. No patch is currently available for this vulnerability.

Linux Use After Free Memory Corruption +4
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. [CVSS 7.0 HIGH]

Apache Python Ruby +6
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in the Linux kernel macvlan driver allows a local attacker with user privileges to cause memory corruption and kernel crashes through improper error handling in macvlan_common_newlink(). The vulnerability stems from a use-after-free condition when macvlan link creation fails during device registration, enabling denial of service and potential privilege escalation on affected systems.

Linux Use After Free Denial Of Service +3
NVD VulDB
EPSS 0%
PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer The curr_xfer field is read by the IRQ handler without holding the lock to check if a transfer is in progress.

Linux Use After Free Null Pointer Dereference +1
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: cgroup/dmem: avoid pool UAF An UAF issue was observed: BUG: KASAN: slab-use-after-free in page_counter_uncharge+0x65/0x150 Write of size 8 at addr ffff888106715440 by task insmod/527 CPU: 4 UID: 0 PID: 527 Comm: insmod 6.19.0-rc7-next-20260129+ #11 Tainted: [O]=OOT_MODULE Call Trace: <TASK> dump_stack_lvl+0x82/0xd0 kasan_report+0xca/0x100 kasan_check_range+0x39/0x1c0 page_counter_uncharge+0x65/0x150 dmem_cgroup_uncharge+0x1f/0x260 Allocated by task 527: Freed by task 0: The buggy address belongs to the object at ffff888106715400 which belongs to the cache kmalloc-512 of size 512 The buggy address is located 64 bytes inside of freed 512-byte region [ffff888106715400, ffff888106715600) The buggy address belongs to the physical page: Memory state around the buggy address: ffff888106715300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff888106715380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc >ffff888106715400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff888106715480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff888106715500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb The issue occurs because a pool can still be held by a caller after its associated memory region is unregistered.

Linux Use After Free Memory Corruption +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() In iscsit_dec_session_usage_count(), the function calls complete() while holding the sess->session_usage_lock.

Linux Use After Free Memory Corruption +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: linkwatch: use __dev_put() in callers to prevent UAF After linkwatch_do_dev() calls __dev_put() to release the linkwatch reference, the device refcount may drop to 1.

Linux Debian Use After Free +4
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Linux kernel's ALSA loopback driver contains a use-after-free vulnerability in the PCM trigger callback due to inadequate locking when accessing shared cable state during concurrent stream operations. A local attacker with minimal privileges can trigger this flaw by rapidly opening, closing, and triggering PCM streams, potentially causing kernel crashes or memory corruption. No patch is currently available for this vulnerability.

Linux Information Disclosure Memory Corruption +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Linux kernel iwlwifi driver fails to properly cancel the mlo_scan_start_wk work queue item during disconnection, allowing it to execute after associated data structures are freed or modified. A local attacker with standard user privileges can trigger use-after-free or initialization-after-free memory corruption by manipulating interface state transitions, potentially leading to denial of service or privilege escalation. No patch is currently available.

Linux Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's binder subsystem allows local attackers with low privileges to cause memory corruption by accessing transaction objects after they have been freed during frozen target thawing. The flaw exists in binder_netlink_report() which dereferences a transaction pointer following a BR_TRANSACTION_PENDING_FROZEN error, potentially enabling denial of service or local privilege escalation. No patch is currently available.

Linux Use After Free Memory Corruption +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Linux kernel bonding driver contains a use-after-free vulnerability in the slave device initialization path that allows local attackers with user privileges to cause memory corruption or denial of service. The flaw occurs when slave array updates happen before XDP setup completion, enabling the new slave to be used for transmission before being freed by error cleanup handlers. This affects Debian, Ubuntu, and other Linux distributions running vulnerable kernel versions.

Linux Debian Use After Free +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's gpio-virtuser configfs release path allows local users with standard privileges to trigger memory corruption and potentially achieve code execution by causing mutex operations on freed memory. The flaw exists because the device structure is freed while a mutex guard scope is still active, leading to undefined behavior when the guard attempts to unlock the already-destroyed mutex. This vulnerability affects Linux systems with the affected kernel versions and requires local access to exploit.

Linux Use After Free Memory Corruption +4
NVD VulDB
EPSS 0% 4.8 CVSS 8.8
HIGH POC KEV PATCH THREAT Act Now

Google Chrome's CSS engine contains a use-after-free vulnerability (CVE-2026-2441, CVSS 8.8) that allows remote attackers to execute arbitrary code within the browser sandbox through crafted HTML pages. KEV-listed with public PoC, this vulnerability enables drive-by exploitation when users visit malicious or compromised websites.

Google Use After Free Chrome +2
NVD GitHub VulDB Exploit-DB
EPSS 0% CVSS 7.8
HIGH PATCH Act Now

A use-after-free vulnerability in the Linux kernel's netfilter nf_tables module allows local attackers with unprivileged access to cause memory corruption and denial of service through an inverted logic check in catchall map element activation during failed transactions. The flaw occurs in nft_map_catchall_activate() which incorrectly processes already-active elements instead of inactive ones, potentially leading to privilege escalation or system crash. No patch is currently available.

Linux Use After Free Privilege Escalation +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome's Ozone component (versions prior to 145.0.7632.45) stems from a use-after-free vulnerability that can be triggered when users interact with malicious HTML pages through specific UI gestures. An unauthenticated remote attacker can exploit this to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. No patch is currently available, leaving affected Chrome users vulnerable to exploitation.

Google Use After Free Chrome +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome's CSS engine prior to version 145.0.7632.45 can be triggered through crafted HTML pages, enabling remote attackers to achieve arbitrary code execution without user interaction beyond viewing a malicious webpage. The vulnerability stems from a use-after-free memory flaw that affects all Chrome users, and currently no patch is available. With a CVSS score of 8.8 and low exploit difficulty, this represents a critical risk to active Chrome installations.

Google Use After Free Chrome +2
NVD
EPSS 0%
This Week

A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity.

Use After Free
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free memory vulnerability requires user interaction to open a specially crafted file. An attacker can exploit this flaw to execute malicious code with the privileges of the affected user. No patch is currently available.

Use After Free After Effects
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe After Effects 25.6 and earlier via a use-after-free memory vulnerability that executes with user privileges when opening a malicious file. The vulnerability requires user interaction but has no available patch, leaving affected systems at risk from social engineering attacks delivering weaponized project files.

Use After Free After Effects
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free memory vulnerability requires victims to open a malicious file. An attacker can execute commands with the privileges of the affected user without requiring special permissions. No patch is currently available for this high-severity vulnerability.

Use After Free After Effects
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe After Effects versions 25.6 and earlier through a use-after-free vulnerability that requires a user to open a malicious file. An attacker can execute arbitrary code with the privileges of the affected user by crafting a specially designed file. No patch is currently available.

Use After Free After Effects
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free flaw allows attackers to execute commands with user privileges when a victim opens a crafted file. The vulnerability requires user interaction but poses high risk to creative professionals and design teams. No patch is currently available.

Use After Free After Effects
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Denial Of Service Memory Corruption
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows Cluster Client Failover exploits a use-after-free memory vulnerability, enabling authenticated local users to gain elevated system privileges. The flaw affects Windows Server 2016, 2019, and 2025 installations where an attacker with existing local access can trigger the vulnerability through the failover clustering component. No patch is currently available for this high-severity vulnerability.

Windows Use After Free Windows Server 2019 +5
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Subsystem for Linux contains a use-after-free vulnerability that enables local privilege escalation for authenticated users. An attacker with valid local access could exploit this memory safety flaw to gain elevated system privileges on affected Windows Server 2022 systems.

Linux Windows Use After Free +9
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock in Windows 11 23h2 and Windows Server 2022 23h2 contains a use-after-free vulnerability that allows authenticated local users to achieve privilege escalation. An attacker with local access and valid credentials can trigger the memory safety flaw to gain elevated system privileges. No patch is currently available for this HIGH severity vulnerability.

Windows Use After Free Windows Server 2022 23h2 +6
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Privilege escalation in Microsoft Graphics Component via use-after-free memory corruption affects Windows Server 2019 and 2012, allowing authenticated local attackers to gain elevated system privileges with user interaction. The vulnerability poses a significant risk in industrial environments where Windows Server hosts critical infrastructure. No patch is currently available for this high-severity issue.

Microsoft Industrial Use After Free +9
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the audio playback subsystem where the RDPSND async thread processes queued audio packets after the channel has been closed and its internal state freed, causing a denial of service. The vulnerability affects systems running vulnerable FreeRDP versions and can be exploited remotely without authentication or user interaction. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the input event handling mechanism where unsynchronized access to cached channel callbacks can be freed or reinitialized by concurrent channel closure operations. An attacker with network access can trigger a denial of service condition by exploiting this race condition. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the URBDRC channel handler where asynchronous bulk transfer completions reference freed memory after channel closure, enabling denial of service attacks. An unauthenticated remote attacker can trigger this condition through malformed RDP protocol messages to crash the FreeRDP service. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in pointer handling where sdl_Pointer_New and sdl_Pointer_Free both attempt to free the same memory, causing a denial of service condition. An attacker with network access can trigger this memory corruption to crash RDP client instances without authentication. The vulnerability affects all users of vulnerable FreeRDP versions and is resolved in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
Prev Page 14 of 69 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy