A use-after-free (UAF) vulnerability occurs when a program continues to use a pointer to memory after that memory has been freed, potentially executing attacker-controlled code placed in that memory location.
UAF vulnerabilities are a common target of browser and kernel exploits. Browser-based UAFs are often zero-days. Mitigations: ASLR (randomizes memory placement), heap isolation, memory-safe languages (Rust, Go). Regularly patch browsers.
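The following added example (not from the original text) models the stale-reference problem with a fixed slot pool instead of the real heap, so the "use after free" is defined behaviour and safe to run. All names (`pool_alloc`, `get_checked`, and so on) are hypothetical, and the generation check is an illustrative defence that is not among the mitigations listed above.

```c
#include <stdio.h>
#include <string.h>

/* Fixed pool of slots standing in for a heap (constructed for this example). */
#define SLOTS 4
struct slot { unsigned gen; int live; char data[16]; };
static struct slot pool[SLOTS];

/* A handle is a slot index plus the generation it was issued under. */
struct handle { unsigned idx, gen; };

static int valid(struct handle h) {
    return h.idx < SLOTS && pool[h.idx].live && pool[h.idx].gen == h.gen;
}

static struct handle pool_alloc(const char *s) {
    for (unsigned i = 0; i < SLOTS; i++) {
        if (pool[i].live) continue;
        pool[i].live = 1;
        snprintf(pool[i].data, sizeof pool[i].data, "%s", s);
        return (struct handle){ i, pool[i].gen };
    }
    return (struct handle){ SLOTS, 0 };   /* pool exhausted: invalid index */
}

static void pool_free(struct handle h) {
    if (!valid(h)) return;                /* also rejects a double free */
    pool[h.idx].live = 0;
    pool[h.idx].gen++;                    /* invalidates outstanding handles */
}

/* Unchecked access, like a raw pointer: a stale handle silently reads
   whatever object now occupies the reused slot. */
static const char *get_unchecked(struct handle h) {
    return h.idx < SLOTS ? pool[h.idx].data : NULL;
}

/* Checked access: rejects handles whose generation no longer matches. */
static const char *get_checked(struct handle h) {
    return valid(h) ? pool[h.idx].data : NULL;
}

/* Free an object, let its slot be reused, then use the stale handle. */
static int demo(void) {
    struct handle a = pool_alloc("session");
    pool_free(a);
    struct handle b = pool_alloc("other-data");   /* reuses a's slot */
    int stale_sees_new = strcmp(get_unchecked(a), "other-data") == 0;
    int check_rejects = get_checked(a) == NULL && get_checked(b) != NULL;
    return stale_sees_new && check_rejects;
}

int main(void) { printf("%d\n", demo()); return 0; }
```

The unchecked path shows why a freed-then-reused location is dangerous: the old reference still "works" but now refers to someone else's data.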