CWE · MITRE source
CWE-232Improper Handling of Undefined Values
The product does not handle or incorrectly handles when a value is not defined or supported for the associated parameter, field, or argument name.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2025-20192 | 1.6 | 7.7 | 0.0055 | 2025-05-07 |
CVE-2023-2968 | 1.5 | 7.5 | 0.0061 | 2023-05-30 |
CVE-2023-39914 | 1.5 | 7.5 | 0.0024 | 2023-09-13 |
CVE-2023-39915 | 1.5 | 7.5 | 0.0035 | 2023-09-13 |
CVE-2025-40775 | 1.5 | 7.5 | 0.0018 | 2025-05-21 |
CVE-2023-36848 | 1.3 | 6.5 | 0.0009 | 2023-07-14 |
CVE-2025-20314 | 1.3 | 6.7 | 0.0010 | 2025-09-24 |
CVE-2026-21689 | 1.3 | 6.5 | 0.0013 | 2026-01-07 |
CVE-2022-22213 | 1.2 | 5.9 | 0.0028 | 2022-07-20 |
CVE-2021-34705 | 1.1 | 5.3 | 0.0055 | 2021-09-23 |
CVE-2021-3718 | 0.9 | 4.3 | 0.0003 | 2021-11-12 |