Cyber Resilience


CWE-416: Use After Free

Abstraction: Variant · CVEs in our corpus: 7,663

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Last updated: 04 July 2026 00:28 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: full · 9 mapping(s) from 5 framework(s): ATT&CK 5 (mostly) · ASVS 5.0 1 (full) · STIG rhel 9 1 (mostly) · STIG oracle linux 8 1 (partial) · STIG rhel 8 1 (partial)


NIST 800-53 r5 controls that address this weakness (1) AI

| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| SI-16 | Memory Protection | SI | Use-after-free exploits that achieve arbitrary code execution are blocked or made significantly harder by non-executable pages and ASLR. |

MITRE ATT&CK techniques this weakness enables

Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.

Direction: other covers this; this covers other (F/M/P = full / mostly / partial).

Top CVEs of this weakness type, ranked by Risk Priority

| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
| CVE-2009-4324 KEV | 10.0 | 7.8 | 0.8186 | 2009-12-15 |
| CVE-2010-0249 KEV | 10.0 | 8.8 | 0.9188 | 2010-01-15 |
| CVE-2010-0806 KEV | 10.0 | 8.8 | 0.8217 | 2010-03-10 |
| CVE-2010-3962 KEV | 10.0 | 8.1 | 0.9689 | 2010-11-05 |
| CVE-2012-4969 KEV | 10.0 | 8.1 | 0.8172 | 2012-09-18 |
| CVE-2012-4792 KEV | 10.0 | 8.8 | 0.7882 | 2012-12-30 |
| CVE-2013-2551 KEV | 10.0 | 8.8 | 0.7410 | 2013-03-11 |
| CVE-2013-1347 KEV | 10.0 | 8.8 | 0.7789 | 2013-05-05 |
| CVE-2013-3893 KEV | 10.0 | 8.8 | 0.8593 | 2013-09-18 |
| CVE-2013-3897 KEV | 10.0 | 8.8 | 0.7746 | 2013-10-09 |
| CVE-2014-0496 KEV | 10.0 | 8.8 | 0.4024 | 2014-01-15 |
| CVE-2014-0322 KEV | 10.0 | 8.8 | 0.8524 | 2014-02-14 |
| CVE-2014-1776 KEV | 10.0 | 9.8 | 0.8801 | 2014-04-27 |
| CVE-2014-8439 KEV | 10.0 | 8.8 | 0.2001 | 2014-11-25 |
| CVE-2015-0313 KEV | 10.0 | 9.8 | 0.9568 | 2015-02-02 |
| CVE-2015-2360 KEV | 10.0 | 8.8 | 0.1496 | 2015-06-10 |
| CVE-2015-5119 KEV | 10.0 | 9.8 | 0.9934 | 2015-07-08 |
| CVE-2015-5122 KEV | 10.0 | 9.8 | 0.9369 | 2015-07-14 |
| CVE-2015-5123 KEV | 10.0 | 9.8 | 0.1849 | 2015-07-14 |
| CVE-2016-0984 KEV | 10.0 | 8.8 | 0.5537 | 2016-02-10 |
| CVE-2016-7855 KEV | 10.0 | 8.8 | 0.2520 | 2016-11-01 |
| CVE-2016-7892 KEV | 10.0 | 8.8 | 0.1879 | 2016-12-15 |
| CVE-2017-0261 KEV | 10.0 | 7.8 | 0.7813 | 2017-05-12 |
| CVE-2017-0263 KEV | 10.0 | 7.8 | 0.1003 | 2017-05-12 |
| CVE-2018-4878 KEV | 10.0 | 7.8 | 0.8962 | 2018-02-06 |