CWE · MITRE source
CWE-401Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2018-0158 KEV | 4.6 | 8.6 | 0.1456 | 2018-03-28 |
CVE-2018-17240 | 4.4 | 7.5 | 0.4835 | 2022-06-10 |
CVE-2018-0891 | 4.3 | 4.3 | 0.5655 | 2018-03-14 |
CVE-2016-4232 | 3.3 | 7.5 | 0.2971 | 2016-07-13 |
CVE-2021-3492 | 3.2 | 8.8 | 0.2444 | 2021-04-17 |
CVE-2023-26083 KEV | 3.0 | 3.3 | 0.0523 | 2023-04-06 |
CVE-2020-13934 | 2.9 | 7.5 | 0.2338 | 2020-07-14 |
CVE-2016-6304 | 2.6 | 7.5 | 0.1804 | 2016-09-26 |
CVE-2019-12265 | 2.1 | 5.3 | 0.1653 | 2019-08-09 |
CVE-2018-0832 | 2.0 | 4.7 | 0.1706 | 2018-02-15 |
CVE-2022-0742 | 2.0 | 9.1 | 0.0221 | 2022-03-18 |
CVE-2018-0901 | 1.9 | 4.7 | 0.1643 | 2018-03-14 |
CVE-2019-6128 | 1.9 | 8.8 | 0.0233 | 2019-01-11 |
CVE-2021-28651 | 1.9 | 7.5 | 0.0613 | 2021-05-27 |
CVE-2015-8567 | 1.8 | 7.7 | 0.0351 | 2017-04-13 |
CVE-2018-15377 | 1.8 | 8.6 | 0.0058 | 2018-10-05 |
CVE-2019-1708 | 1.8 | 8.6 | 0.0094 | 2019-05-03 |
CVE-2019-17340 | 1.8 | 8.8 | 0.0008 | 2019-10-08 |
CVE-2020-1603 | 1.8 | 8.6 | 0.0064 | 2020-01-15 |
CVE-2020-9431 | 1.8 | 7.5 | 0.0440 | 2020-02-27 |
CVE-2020-3189 | 1.8 | 8.6 | 0.0131 | 2020-05-06 |
CVE-2020-3203 | 1.8 | 8.6 | 0.0076 | 2020-06-03 |
CVE-2020-3373 | 1.8 | 8.6 | 0.0191 | 2020-10-21 |
CVE-2020-3572 | 1.8 | 8.6 | 0.0186 | 2020-10-21 |
CVE-2021-1313 | 1.8 | 8.6 | 0.0060 | 2021-02-04 |