CWE · MITRE source
CWE-395Use of NullPointerException Catch to Detect NULL Pointer Dereference
Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.
Programmers typically catch NullPointerException under three circumstances: Of these three circumstances, only the last is acceptable.
Last updated: 04 July 2026 00:28 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2025-27466 | 7.0 | 9.8 | 0.0043 | 2025-09-11 |
CVE-2025-58142 | 7.0 | 9.8 | 0.0043 | 2025-09-11 |
CVE-2022-2832 | 5.5 | 7.5 | 0.0145 | 2022-08-16 |
CVE-2025-15514 UPD | 5.5 | 7.5 | 0.0070 | 2026-01-12 |
CVE-2022-29508 | 3.5 | 6.3 | 0.0017 | 2023-05-10 |
CVE-2022-42879 | 3.5 | 6.1 | 0.0021 | 2023-11-14 |
CVE-2023-25071 | 3.5 | 5.6 | 0.0018 | 2023-11-14 |
CVE-2024-27658 UPD | 3.5 | 6.5 | 0.0064 | 2024-02-29 |
CVE-2024-27659 UPD | 3.5 | 6.5 | 0.0064 | 2024-02-29 |
CVE-2024-27661 UPD | 3.5 | 6.5 | 0.0043 | 2024-02-29 |
CVE-2024-27662 UPD | 3.5 | 6.5 | 0.0043 | 2024-02-29 |
CVE-2023-41082 | 3.5 | 4.4 | 0.0022 | 2024-05-16 |
CVE-2023-23904 | 3.5 | 6.1 | 0.0014 | 2024-09-16 |
CVE-2024-36275 | 3.5 | 6.1 | 0.0021 | 2024-11-13 |
CVE-2022-42878 | 1.5 | 2.8 | 0.0019 | 2023-05-10 |
CVE-2023-48727 | 1.5 | 3.3 | 0.0024 | 2024-05-16 |
CVE-2024-28030 | 1.5 | 2.2 | 0.0018 | 2024-11-13 |