Use-After-Free

A heap use-after-free vulnerability (CVE-2026-54897) exists in `Oj::Doc` iterators (`each_value`, `each_child`, `each_leaf`) in the `oj` Ruby gem, allowing an attacker to cause application crashes or unpredictable behavior when a Ruby block yielded during iteration reentrantly calls `doc.close` or `d.close`.

CVE-2010-0806 is a use-after-free vulnerability in Microsoft Internet Explorer that allows remote attackers to execute arbitrary code by accessing an invalid pointer after object deletion; mitigations should be applied or product utilization discontinued.

Microsoft Internet Explorer is vulnerable to a use-after-free vulnerability (CVE-2010-0249) that allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object.

A race condition in ISC BIND can lead to a use-after-free vulnerability (CVE-2026-5947) when handling SIG(0) signed DNS messages, potentially leading to undefined behavior.

A use-after-free vulnerability in the DNS-over-HTTPS implementation of BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1 could allow an attacker to cause a denial of service or potentially execute arbitrary code.

Radare2 version 6.1.5 contains a use-after-free vulnerability (CVE-2026-8696) in the gdbr_pids_list() function, allowing remote attackers to cause a denial of service or potentially execute arbitrary code via malformed thread information responses.

CVE-2026-41095 is a use-after-free vulnerability in the Data Deduplication component of Windows that allows an authenticated attacker to elevate privileges locally.

CVE-2026-40419 is a use-after-free vulnerability in Microsoft Office that allows an authenticated, local attacker to elevate privileges.

CVE-2026-40418 is a use-after-free vulnerability in Microsoft Office Click-To-Run that allows an authorized attacker to elevate privileges locally.

CVE-2026-40415 is a use-after-free vulnerability in Windows TCP/IP that allows an unauthorized attacker to execute code over a network.

CVE-2026-40406 is a use-after-free vulnerability in Windows TCP/IP that allows an unauthorized attacker to disclose sensitive information over a network.

CVE-2026-40382 is a use-after-free vulnerability in the Windows Telephony Service that allows an authorized attacker to elevate privileges locally.

CVE-2026-40366 is a use-after-free vulnerability in Microsoft Office Word allowing local code execution by an unauthorized attacker.

CVE-2026-40402 is a use-after-free vulnerability in Windows Hyper-V, enabling an unauthorized local attacker to escalate privileges.

CVE-2026-40361 is a use-after-free vulnerability in Microsoft Office Word that allows an unauthorized attacker to execute code locally.

CVE-2026-40359 is a use-after-free vulnerability in Microsoft Office Excel that allows a local attacker to execute arbitrary code by exploiting memory corruption.

CVE-2026-40358 describes a use-after-free vulnerability in Microsoft Office that could allow an unauthorized local attacker to execute code with elevated privileges.

CVE-2026-35418 is a use-after-free vulnerability in the Windows Cloud Files Mini Filter Driver that allows an authorized local attacker to elevate privileges.

CVE-2026-35416 is a use-after-free vulnerability in the Windows Ancillary Function Driver for WinSock, enabling a locally authorized attacker to escalate privileges.

Adobe Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by a Use After Free vulnerability (CVE-2026-34638) that could lead to arbitrary code execution in the context of the current user if a malicious file is opened.

CVE-2026-34347 is a use-after-free vulnerability in Windows Win32K - GRFX that allows an authorized local attacker to elevate privileges.

CVE-2026-34340 is a use-after-free vulnerability in the Windows Projected File System that allows an authorized attacker to elevate privileges locally.

CVE-2026-34337 is a use-after-free vulnerability in the Windows Cloud Files Mini Filter Driver, allowing a locally authorized attacker to escalate privileges.

CVE-2026-34332 is a use-after-free vulnerability in Windows Kernel-Mode Drivers that allows an authorized attacker to execute code over a network.

CVE-2026-33840 is a use-after-free vulnerability in the Windows Win32K ICOMP component, allowing a locally authenticated attacker to elevate privileges.

CVE-2025-37750 is a use-after-free vulnerability in the SMB client related to decryption with multichannel that could lead to code execution.

CVE-2026-31718 is a use-after-free vulnerability in the ksmbd kernel module, specifically in the __ksmbd_close_fd() function, which can be triggered via the durable scavenger mechanism, potentially leading to arbitrary code execution.

CVE-2026-7928 is a use-after-free vulnerability in the WebRTC component of Chromium, affecting Google Chrome and Microsoft Edge (Chromium-based) and potentially allowing for arbitrary code execution.

CVE-2026-7925 is a use-after-free vulnerability in the Chromoting component of Google Chrome, also affecting Microsoft Edge.

CVE-2026-7906 is a use-after-free vulnerability in the SVG component of Chromium, also affecting Microsoft Edge.

A use-after-free vulnerability in the ANGLE graphics engine within Chromium (CVE-2026-7359) allows for potential exploitation in Google Chrome and Microsoft Edge.

CVE-2026-7355 is a use-after-free vulnerability in the Media component of Chromium, affecting Google Chrome and Microsoft Edge, potentially allowing for arbitrary code execution.

CVE-2026-7357 is a use-after-free vulnerability in the GPU component of Chromium that also affects Microsoft Edge, potentially leading to arbitrary code execution.

CVE-2026-7333 is a use-after-free vulnerability in the GPU component of Chromium, affecting Google Chrome and Microsoft Edge, potentially leading to arbitrary code execution.

CVE-2026-7348 is a use-after-free vulnerability in the Codecs component of Chromium, affecting Google Chrome and Microsoft Edge.

CVE-2026-7349 is a use-after-free vulnerability in the Cast component of Chromium, affecting Google Chrome and Microsoft Edge.

CVE-2026-7338 is a use-after-free vulnerability in the Cast component of Chromium, affecting Google Chrome and Microsoft Edge, potentially leading to arbitrary code execution.

A use-after-free vulnerability (CVE-2026-6310) in Google Chrome's Dawn component allows a remote attacker, having compromised the renderer process, to potentially execute a sandbox escape via a specially crafted HTML page.

A use-after-free vulnerability in Google Chrome's CSS engine (CVE-2026-6300) allows a remote attacker to execute arbitrary code within a sandbox by exploiting a crafted HTML page.

rsync versions 3.0.1 through 3.4.1 are vulnerable to a use-after-free vulnerability in the receive_xattr function during a qsort call, triggered by an untrusted length value when the -X/--xattrs option is used, potentially leading to code execution.

CVE-2026-6297 is a critical use-after-free vulnerability in the Proxy component of Google Chrome before version 147.0.7727.101, enabling a privileged network attacker to potentially achieve sandbox escape via a crafted HTML page.

CVE-2026-32080 is a use-after-free vulnerability in the Windows WalletService, allowing a locally authorized attacker to elevate privileges.

CVE-2026-23657 is a use-after-free vulnerability in Microsoft Office Word allowing a local attacker to execute arbitrary code with user privileges.

A use-after-free vulnerability in Microsoft Office Word (CVE-2026-33095) could allow a local attacker to execute arbitrary code by opening a specially crafted document.

CVE-2026-32198 is a use-after-free vulnerability in Microsoft Office Excel that allows an attacker to execute code locally on a vulnerable system.

CVE-2026-32189 is a use-after-free vulnerability in Microsoft Excel that allows a local attacker to execute arbitrary code by exploiting memory corruption.

A use-after-free vulnerability exists in libsixel versions 1.8.7 and prior when processing animated GIFs due to improper frame buffer management, potentially leading to code execution.

CVE-2026-33101 is a use-after-free vulnerability in the Windows Print Spooler Components that allows an authenticated local attacker to elevate privileges.

A use-after-free vulnerability, CVE-2026-33099, in the Windows Ancillary Function Driver for WinSock, enables a locally authenticated attacker to elevate privileges on the system.

CVE-2026-33098 is a use-after-free vulnerability in the Windows Container Isolation FS Filter Driver that allows a locally authorized attacker to elevate privileges.

CVE-2026-32157 is a use-after-free vulnerability in the Remote Desktop Client that allows an unauthorized attacker to execute code over a network.

CVE-2026-32155 is a use-after-free vulnerability in the Desktop Window Manager that allows an authorized attacker to escalate privileges locally on a Windows system.

CVE-2026-32152 is a use-after-free vulnerability in the Desktop Window Manager (dwm.exe) that allows an authorized local attacker to elevate privileges.

CVE-2026-27917 is a use-after-free vulnerability in the Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) that allows a locally authorized attacker to elevate privileges.

CVE-2026-27909 is a use-after-free vulnerability in the Microsoft Windows Search Component that allows a locally authorized attacker to escalate privileges.

A use-after-free vulnerability, CVE-2026-27908, exists in the Windows TDI Translation Driver (tdx.sys), allowing a locally authenticated attacker to elevate privileges.

CVE-2026-26182 is a use-after-free vulnerability in the Windows Ancillary Function Driver for WinSock, allowing a locally authorized attacker to elevate privileges.

CVE-2026-26181 is a use-after-free vulnerability in the Microsoft Brokering File System that enables a locally authenticated attacker to escalate privileges on the system.

CVE-2026-32156 is a use-after-free vulnerability in the Windows Universal Plug and Play (UPnP) Device Host service that allows an unauthorized attacker to execute code locally.

CVE-2026-33100 is a use-after-free vulnerability in the Windows Ancillary Function Driver for WinSock, allowing a locally authorized attacker to elevate privileges.

CVE-2026-32224 is a use-after-free vulnerability in the Windows Server Update Service that allows a locally authenticated attacker to elevate privileges.

CVE-2026-32200 is a use-after-free vulnerability in Microsoft Office PowerPoint that allows an unauthorized attacker to achieve local code execution by enticing a user to open a specially crafted PowerPoint document.

CVE-2026-32165 is a use-after-free vulnerability in Windows User Interface Core that allows a locally authenticated attacker to elevate privileges.

A use-after-free vulnerability, CVE-2026-32070, exists in the Windows Common Log File System (CLFS) driver, enabling a locally authenticated attacker to escalate privileges on a vulnerable system.

A use-after-free vulnerability exists in the Wi-Fi driver of Samsung Mobile and Wearable Processors Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000 due to improper synchronization on a global variable, allowing attackers to trigger a race condition and potentially execute arbitrary code.

A use-after-free vulnerability, identified as CVE-2026-21380, exists due to memory corruption when using deprecated DMABUF IOCTL calls for video memory management, potentially leading to arbitrary code execution.

A use-after-free vulnerability (CVE-2026-34774) exists in Electron applications using offscreen rendering and allowing child windows, potentially leading to crashes or memory corruption if the parent WebContents is destroyed before the child window.

A use-after-free vulnerability exists in the `powerMonitor` module of Electron applications on Windows and macOS. When the native `PowerMonitor` object is garbage-collected, dangling references are retained by OS-level resources. Subsequent session-change events on Windows or system shutdowns on macOS may dereference freed memory, potentially leading to a crash or memory corruption.

CVE-2026-3779 is a use-after-free vulnerability in a Foxit application where stale references to page/form objects can lead to arbitrary code execution via crafted documents.

A use-after-free vulnerability, CVE-2026-4723, in the JavaScript Engine of Mozilla Firefox and Thunderbird before version 149 could allow arbitrary code execution if successfully exploited by an attacker.

A use-after-free vulnerability in the Canvas2D component of Mozilla Firefox and Thunderbird versions before 149 allows for a potential sandbox escape.

A use-after-free vulnerability in the Disability Access APIs component of Mozilla Firefox and Thunderbird (CVE-2026-4688) allows for sandbox escape, potentially leading to arbitrary code execution outside the sandbox.

A use-after-free vulnerability in Google Chrome's WebGPU component (CVE-2026-4678) allows a remote attacker to execute arbitrary code within a sandbox by crafting a malicious HTML page, affecting Chrome versions prior to 146.0.7680.165.

A use-after-free vulnerability (CVE-2026-4676) in Google Chrome before 146.0.7680.165 allows a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

A use-after-free vulnerability in Google Chrome's FedCM component (CVE-2026-4680) allows a remote attacker to execute arbitrary code within a sandbox by exploiting a crafted HTML page.

CVE-2026-24082 is a use-after-free vulnerability in Qualcomm products that occurs when copying data from a freed source during a performance counter deselect operation, potentially leading to memory corruption and arbitrary code execution.

A local privilege escalation vulnerability exists in the Linux Kernel versions ~3.14+ through 6.18-rc5 due to a use-after-free in the proc_readdir_de() function, where a concurrent traversal can dereference a freed entry's fields during network device unregistration, leading to privilege escalation via modprobe_path overwrite.