Cwe 416

🧬 CWE Related 99
slug: cwe-416

Explanation

CWE-416は「メモリを解放した後にそのメモリを使ってしまう」欠陥です。 C/C++のような手動メモリ管理言語で頻発し、攻撃者はこれを利用して任意のコードを実行できることが多いです。 ブラウザのJavaScriptエンジン (V8, JavaScriptCore) でよく見つかり、ブラウザ経由のゼロデイ攻撃の典型的な原因となります。
📌 Example
Pwn2Own (年次ハッキングコンテスト) で、毎年ブラウザに対するUse-After-Free 攻撃が成功し、賞金10万ドル超を獲得する事例が続いています。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,401

ID Title
CVE-2026-12706 Use-After-Free in dos (CVE-2026-12706)
CVE-2026-11941 Use-After-Free in quiche (CVE-2026-11941)
CVE-2026-41156 Use-After-Free in CVE-2026-41156 (CVE-2026-41156)
CVE-2026-34192 Use-After-Free in CVE-2026-34192 (CVE-2026-34192)
CVE-2026-56131 Use-After-Free in libexpat-project (CVE-2026-56131)
CVE-2026-11791 Use-After-Free in dos (CVE-2026-11791)
CVE-2026-9158 Use-After-Free in eclipse (CVE-2026-9158)
CVE-2026-42530 Use-After-Free in nginx (CVE-2026-42530)
CVE-2026-12467 Use-After-Free in google (CVE-2026-12467)
CVE-2026-12452 Use-After-Free in google (CVE-2026-12452)
CVE-2026-12451 Use-After-Free in google (CVE-2026-12451)
CVE-2026-12462 Use-After-Free in google (CVE-2026-12462)
CVE-2026-12464 Use-After-Free in google (CVE-2026-12464)
CVE-2026-12443 Use-After-Free in google (CVE-2026-12443)
CVE-2026-12449 Use-After-Free in privilege-escalation (CVE-2026-12449)
CVE-2026-12445 Use-After-Free in google (CVE-2026-12445)
CVE-2026-12455 Use-After-Free in google (CVE-2026-12455)
CVE-2026-12441 Use-After-Free in google (CVE-2026-12441)
CVE-2026-12440 Use-After-Free in google (CVE-2026-12440)
CVE-2026-12439 Use-After-Free in google (CVE-2026-12439)
CVE-2026-12442 Use-After-Free in google (CVE-2026-12442)
CVE-2026-12437 Use-After-Free in Google chrome (CVE-2026-12437)
CVE-2026-0143 Use-After-Free in c (CVE-2026-0143)
CVE-2026-0137 Use-After-Free in c (CVE-2026-0137)
CVE-2026-0125 Use-After-Free in c (CVE-2026-0125)
CVE-2026-10638 Use-After-Free in c (CVE-2026-10638)
CVE-2026-10640 Use-After-Free in c (CVE-2026-10640)
CVE-2026-10639 Use-After-Free in c (CVE-2026-10639)
CVE-2026-10637 Use-After-Free in c (CVE-2026-10637)
CVE-2026-10636 Use-After-Free in c (CVE-2026-10636)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →