CWE-1091: Use of Object without Invoking Destructor Method
The product contains a method that accesses an object but does not later invoke the element's associated finalize/destructor method.
Last updated
Overview
CWE-1091 (Use of Object without Invoking Destructor Method) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
1 recorded CVEs are caused by CWE-1091 (Use of Object without Invoking Destructor Method). The highest-severity and most recent are shown first. 1 new CWE-1091 CVE has been recorded so far in 2026.
Common consequences
What can happen when CWE-1091 is exploited.
Reduce Performance
Affects: Other
This issue can make the product perform more slowly by retaining memory and/or other resources longer than necessary. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.