The software does not properly "clean up" and remove temporary or supporting resources after they have been used. An attacker can leverage such resources to gain access to sensitive information or use them in further actions to compromise the application.