Home/CWE/Release of Invalid Pointer or Reference
Weakness

Release of Invalid Pointer or Reference

CWE-763 · Base · Incomplete

The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.

Extended description

This weakness can take several forms, such as: The memory was allocated, explicitly or implicitly, via one memory management method and deallocated using a different, non-compatible function (CWE-762). The function calls or memory management routines chosen are appropriate, however they are used incorrectly, such as in CWE-761.

Weakness Relationships

Where this weakness sits in the CWE hierarchy. Walk up to broader classes or down to more specific variants.
Parent of this (broader)
ChildOfCWE-404 · Improper Resource Shutdown or Release
Children (more specific)
ParentOfCWE-761 · Free of Pointer not at Start of Buffer
ParentOfCWE-762 · Mismatched Memory Management Routines

CVEs With This Weakness

102
A sample of the 102 CVEs tagged with this weakness.
CVECVE-2026-22770
CVECVE-2025-65116
CVECVE-2025-54333
CVECVE-2025-48768
CVECVE-2025-47749
CVECVE-2025-47329
CVECVE-2025-30379
CVECVE-2025-25215
CVECVE-2025-14233
CVECVE-2025-13824
CVECVE-2025-11838
CVECVE-2024-6607
External lookups - second-class, for what we don’t hold ourselves
MITRE CWE
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin