By weakness (CWE)

CWE-416: related vulnerabilities

CVEs classified under CWE-416. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

302 published vulnerabilities · page 4 of 4

  • CVE-2026-11623MEDIUM 4.5

    A use-after-free memory vulnerability exists in tmux versions up to 3.6a, specifically within the image handling code. An attacker with local system access could trigger this flaw through a complex exploitation chain to read, modify, or crash tmux processes. While a public exploit has been disclosed, the attack requires both local access and deliberate manipulation, making opportunistic exploitation unlikely. The issue is resolved by upgrading to version 3.7-rc or applying the specific patch commit fc6d94a9f8a593bd8b7031650802084385d4ee03.

  • CVE-2026-52757MEDIUM 4.4

    Ghidra, the National Security Agency's widely-used reverse-engineering and binary analysis platform, contains a memory safety bug in its decompiler. When a specially crafted binary file is opened in Ghidra's decompiler view, the application can access memory that has already been freed, potentially corrupting data or crashing the program. An attacker would need to distribute a malicious binary and convince a user to analyze it in Ghidra—the vulnerability itself does not allow remote code execution or network-based attacks.