CWE-672: Operation on a Resource after Expiration or Release
The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.
Last updated
Overview
CWE-672 (Operation on a Resource after Expiration or Release) is a class-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
45 recorded CVEs are caused by CWE-672 (Operation on a Resource after Expiration or Release). The highest-severity and most recent are shown first. 13 new CWE-672 CVEs have been recorded so far in 2026 (12 in 2025).