CWE · MITRE source
CWE-232Improper Handling of Undefined Values
The product does not handle or incorrectly handles when a value is not defined or supported for the associated parameter, field, or argument name.
Last updated: 04 July 2026 00:28 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2025-40775 UPD | 6.0 | 7.5 | 0.1173 | 2025-05-21 |
CVE-2023-2968 | 5.5 | 7.5 | 0.0148 | 2023-05-30 |
CVE-2023-39914 | 5.5 | 7.5 | 0.0059 | 2023-09-13 |
CVE-2023-39915 | 5.5 | 7.5 | 0.0052 | 2023-09-13 |
CVE-2025-20192 UPD | 5.5 | 7.7 | 0.0037 | 2025-05-07 |
CVE-2021-34705 | 3.5 | 5.3 | 0.0097 | 2021-09-23 |
CVE-2021-3718 | 3.5 | 4.3 | 0.0021 | 2021-11-12 |
CVE-2022-22213 | 3.5 | 5.9 | 0.0061 | 2022-07-20 |
CVE-2023-36848 | 3.5 | 6.5 | 0.0027 | 2023-07-14 |
CVE-2025-20314 | 3.5 | 6.7 | 0.0015 | 2025-09-24 |
CVE-2026-21689 | 3.5 | 6.5 | 0.0027 | 2026-01-07 |