CWE-230 (Improper Handling of Missing Values) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.
The product does not handle or incorrectly handles when a parameter, field, or argument name is specified, but the associated value is missing, i.e. it is empty, blank, or null.
| Kind | Name | Class | Prevalence | OS / CPE |
|---|---|---|---|---|
| language | — | Not Language-Specific | Undetermined | — |
These CVEs are mapped to this weakness in this database and kept for traceability and search.
| CVE | Published | Summary |
|---|---|---|
| CVE-2026-25659 | 2026-06-05 | Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an attacker continuously sending a specially crafted message can … |
| CVE-2026-25658 | 2026-06-05 | Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an attacker continuously sending a specially crafted message can … |
| CVE-2026-20086 | 2026-03-25 | A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unau… |
| CVE-2026-1461 | 2026-02-19 | The Simple Membership plugin for WordPress is vulnerable to Improper Handling of Missing Values in all versions up to, and including, 4.7.0 via the Stripe webhook handler. This is due to the plugin on… |
| CVE-2025-23225 | 2025-02-28 | IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to cause a denial of service due to the improper handling of invalid headers sent to the queue. |
| CVE-2024-11024 | 2024-11-26 | The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.4.6. This is due to the plugin not properl… |
| CVE-2024-10508 | 2024-11-09 | The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.… |
| CVE-2024-9781 | 2024-10-10 | AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file |
| CVE-2024-6237 | 2024-07-09 | A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of servi… |
| CVE-2024-0048 | 2024-03-11 | In Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null responses. This could lead to local escalation of privile… |
| CVE-2024-0208 | 2024-01-03 | GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file |
| CVE-2023-1697 | 2023-04-17 | An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and t… |
| Date | Name | Version | Importance | Comment |
|---|---|---|---|---|
| 2008-07-01 | Eric Dalci | 1.0 | — | updated Time_of_Introduction |
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Relationships, Other_Notes, Taxonomy_Mappings |
| 2009-03-10 | CWE Content Team | 1.3 | — | updated Description, Name |
| 2009-10-29 | CWE Content Team | 1.6 | — | updated Other_Notes, Research_Gaps |
| 2011-06-01 | CWE Content Team | 1.13 | — | updated Common_Consequences, Relationships, Taxonomy_Mappings |
| 2011-06-27 | CWE Content Team | 2.0 | — | updated Common_Consequences |
| 2012-05-11 | CWE Content Team | 2.2 | — | updated Relationships |
| 2013-07-17 | CWE Content Team | 2.5 | — | updated Type |
| 2014-02-18 | CWE Content Team | 2.6 | — | updated Demonstrative_Examples |
| 2014-07-30 | CWE Content Team | 2.8 | — | updated Relationships |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Applicable_Platforms |
| 2019-01-03 | CWE Content Team | 3.2 | — | updated Taxonomy_Mappings |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Relationships |
| 2021-03-15 | CWE Content Team | 4.4 | — | updated Demonstrative_Examples |
| 2023-01-31 | CWE Content Team | 4.10 | — | updated Description |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |
| 2025-12-11 | CWE Content Team | 4.19 | — | updated Weakness_Ordinalities |