Cyber Posture

CWE · MITRE source

CWE-690Unchecked Return Value to NULL Pointer Dereference

Abstraction: Compound · CVEs in our corpus: 31

The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference.

While unchecked return value weaknesses are not limited to returns of NULL pointers (see the examples in CWE-252), functions often return NULL to indicate an error status. When this error condition is not checked, a NULL pointer dereference can occur.

Last updated: 09 May 2026 03:25 UTC

NIST 800-53 r5 controls that address this weakness (0)AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2020-135821.87.50.04902021-01-26
CVE-2022-206821.88.60.00962022-04-15
CVE-2020-60951.57.50.00532020-03-27
CVE-2020-16481.57.50.00392020-07-17
CVE-2022-222311.57.50.00452022-10-18
CVE-2022-393811.57.50.00302022-11-02
CVE-2022-419571.57.50.00352022-11-28
CVE-2024-230851.57.50.00092024-04-08
CVE-2026-244041.47.10.00142026-01-24
CVE-2026-244091.47.10.00142026-01-24
CVE-2026-244101.47.10.00142026-01-24
CVE-2026-244111.47.10.00172026-01-24
CVE-2026-216891.36.50.00132026-01-07
CVE-2022-222331.15.50.00052022-10-18
CVE-2024-239151.15.30.00122024-09-18
CVE-2024-239161.15.30.00122024-09-18
CVE-2024-311641.15.30.00122024-09-18
CVE-2024-311651.15.30.00122024-09-18
CVE-2024-311671.15.30.00122024-09-18
CVE-2024-311751.15.30.00122024-09-18
CVE-2024-311821.15.30.00202024-09-18
CVE-2024-311851.15.30.00202024-09-18
CVE-2024-311961.15.30.00202024-09-18
CVE-2025-331921.15.70.00022025-11-25
CVE-2026-214961.15.50.00032026-01-07