Total
7342 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-68617 | 1 Fluidsynth | 1 Fluidsynth | 2026-06-17 | N/A | 7.0 HIGH |
| FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed memory, if the synthesizer is being concurrently destroyed, or samples of the (unloaded) DLS file are concurrently used to synthesize audio. This issue has been patched in version 2.5.2. The problem will not occur, when explicitly unloading a DLS file (before synth destruction), provided that at the time of unloading, no samples of the respective file are used by active voices. The problem will not occur in versions of FluidSynth that have been compiled without native DLS support. | |||||
| CVE-2025-66627 | 1 Wasmi-labs | 1 Wasmi | 2026-06-17 | N/A | 8.4 HIGH |
| Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi's linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory growth conditions. This issue potentially leads to memory corruption, information disclosure, or code execution. This issue is fixed in versions 0.41.2, 0.47.1, 0.51.3 and 1.0.1. To workaround this issue, consider limiting the maximum linear memory sizes where feasible. | |||||
| CVE-2025-66585 | 1 Azeotech | 1 Daqfactory | 2026-06-17 | N/A | 7.8 HIGH |
| In AzeoTech DAQFactory release 20.7 (Build 2555), a use after free vulnerability can be exploited to cause memory corruption while parsing specially crafted .ctl files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2025-66495 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2026-06-17 | N/A | 7.8 HIGH |
| A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary code. | |||||
| CVE-2025-66494 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code. | |||||
| CVE-2025-66493 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 on Windows . When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary code. | |||||
| CVE-2025-66326 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 6.7 MEDIUM |
| Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-66023 | 1 Emqx | 1 Nanomq | 2026-06-17 | N/A | 4.9 MEDIUM |
| NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Versions prior to 0.24.5 have a Heap-Use-After-Free (UAF) vulnerability within the MQTT bridge client component (implemented via the underlying NanoNNG library). The vulnerability is triggered when NanoMQ acts as a bridge connecting to a remote MQTT broker. A malicious remote broker can trigger a crash (Denial of Service) or potential memory corruption by accepting the connection and immediately sending a malformed packet sequence. Version 0.34.5 contains a patch. The patch enforces stricter protocol adherence in the MQTT client SDK embedded in NanoMQ. Specifically, it ensures that CONNACK is always the first packet processed in the line. This prevents the state confusion that led to the Heap-Use-After-Free (UAF) when a malicious server sent a malformed packet sequence immediately after connection establishment. As a workaround, validate the remote broker before bridging. | |||||
| CVE-2025-65955 | 1 Imagemagick | 1 Imagemagick | 2026-06-17 | N/A | 4.9 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34. | |||||
| CVE-2025-65953 | 2026-06-17 | N/A | N/A | ||
| NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to version 0.22.5, a Heap-Use-After-Free (UAF) vulnerability exists in the TCP transport component of NanoMQ, which relies on the underlying NanoNNG library (specifically in src/sp/transport/mqtt/broker_tcp.c). The vulnerability is due to improper resource management and premature cleanup of message and pipe structures under specific malformed MQTTV5 retain message traffic conditions. This issue has been patched in version 0.22.5. | |||||
| CVE-2025-65503 | 1 Redboltz | 1 Async Mqtt | 2026-06-17 | N/A | 5.5 MEDIUM |
| Use after free in endpoint destructors in Redboltz async_mqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between io_context and endpoint objects. | |||||
| CVE-2025-65407 | 1 Live555 | 1 Streaming Media | 2026-06-17 | N/A | 6.5 MEDIUM |
| A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG Program stream. | |||||
| CVE-2025-65405 | 1 Live555 | 1 Streaming Media | 2026-06-17 | N/A | 6.5 MEDIUM |
| A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC file. | |||||
| CVE-2025-64531 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-64468 | 1 Ni | 1 Labview | 2026-06-17 | N/A | 7.8 HIGH |
| There is a use-after-free vulnerability in sentry!sentry_span_set_data() when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q3 (25.3) and prior versions | |||||
| CVE-2025-64183 | 1 Openexr | 1 Openexr | 2026-06-17 | N/A | 7.5 HIGH |
| OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObject_StealAttrString of pyOpenEXR_old.cpp. The legacy adapter defines PyObject_StealAttrString that calls PyObject_GetAttrString to obtain a new reference, immediately decrefs it, and returns the pointer. Callers then pass this dangling pointer to APIs like PyLong_AsLong/PyFloat_AsDouble, resulting in a use-after-free. This is invoked in multiple places (e.g., reading PixelType.v, Box2i, V2f, etc.) Versions 3.2.5, 3.3.6, and 3.4.3 fix the issue. | |||||
| CVE-2025-63652 | 1 Monkey-project | 1 Monkey | 2026-06-17 | N/A | 7.5 HIGH |
| A use-after-free in the mk_http_request_end function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. | |||||
| CVE-2025-63651 | 1 Monkey-project | 1 Monkey | 2026-06-17 | N/A | 7.5 HIGH |
| A use-after-free in the mk_string_char_search function (mk_core/mk_string.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. | |||||
| CVE-2025-62788 | 1 Wazuh | 1 Wazuh | 2026-06-17 | N/A | 7.5 HIGH |
| Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, w_copy_event_for_log() references memory (initially allocated in OS_CleanMSG()) after it has been freed. A compromised agent can potentially compromise the integrity of the application by sending a specially crafted message to the wazuh manager. An attacker who is able to craft and send an agent message to the wazuh manager can leverage this issue to potentially compromise the integrity of the application (the use of previously freed memory may corrupt valid data, if the memory area in question has been allocated and used properly elsewhere). This vulnerability is fixed in 4.11.0. | |||||
| CVE-2025-62573 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-06-17 | N/A | 7.0 HIGH |
| Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. | |||||