CWE · MITRE source
CWE-230Improper Handling of Missing Values
The product does not handle or incorrectly handles when a parameter, field, or argument name is specified, but the associated value is missing, i.e. it is empty, blank, or null.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2024-10508 | 2.9 | 9.8 | 0.1533 | 2024-11-09 |
CVE-2024-11024 | 2.0 | 9.8 | 0.0039 | 2024-11-26 |
CVE-2026-20086 | 1.7 | 8.6 | 0.0015 | 2026-03-25 |
CVE-2024-0208 | 1.6 | 7.8 | 0.0003 | 2024-01-03 |
CVE-2024-0048 | 1.6 | 7.8 | 0.0002 | 2024-03-11 |
CVE-2024-9781 | 1.6 | 7.8 | 0.0018 | 2024-10-10 |
CVE-2024-6237 | 1.4 | 6.5 | 0.0106 | 2024-07-09 |
CVE-2023-1697 | 1.3 | 6.5 | 0.0027 | 2023-04-17 |
CVE-2025-23225 | 1.3 | 6.5 | 0.0018 | 2025-02-28 |
CVE-2026-1461 | 1.3 | 6.5 | 0.0008 | 2026-02-19 |