CWE-395: Use of NullPointerException Catch to Detect NULL Pointer Dereference
Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.
Last updated
Overview
Programmers typically catch NullPointerException under three circumstances: The program contains a null pointer dereference. Catching the resulting exception was easier than fixing the underlying problem. The program explicitly throws a NullPointerException to signal an error condition. The code is part of a test harness that supplies unexpected input to the classes under test. Of these three circumstances, only the last is acceptable.
Real-world CVEs
17 recorded CVEs are caused by CWE-395 (Use of NullPointerException Catch to Detect NULL Pointer Dereference). The highest-severity and most recent are shown first. 1 new CWE-395 CVE has been recorded so far in 2026 (2 in 2025).
- CVE-2025-58142
Mutiple vulnerabilities in the Viridian interface
Critical · CVSS 9.8 · EPSS 35th2025-09-11 - CVE-2025-27466
Mutiple vulnerabilities in the Viridian interface
Critical · CVSS 9.8 · EPSS 35th2025-09-11 - CVE-2025-15514
Ollama Multi-Modal Model Image Processing NULL Pointer Dereference
High · CVSS 8.7 · EPSS 49th2026-01-12 - CVE-2022-29508High · CVSS 7.8 · EPSS 7th2023-05-10
- CVE-2022-2832High · CVSS 7.5 · EPSS 70th2022-08-16
- CVE-2023-23904Medium · CVSS 6.9 · EPSS 4th2024-09-16
- CVE-2024-27662Medium · CVSS 6.5 · EPSS 35th2024-02-29
- CVE-2024-27658Medium · CVSS 6.5 · EPSS 47th2024-02-29
- CVE-2024-27661Medium · CVSS 6.5 · EPSS 35th2024-02-29
- CVE-2024-27659Medium · CVSS 6.5 · EPSS 47th2024-02-29
- CVE-2022-42879Medium · CVSS 6.1 · EPSS 11th2023-11-14
- CVE-2024-36275Medium · CVSS 5.8 · EPSS 11th2024-11-13
Showing 12 of 17 recorded CWE-395 CVEs. Track new ones as they are published and get AI-written analysis and fixes.
Monitor CWE-395 vulnerabilitiesCommon consequences
What can happen when CWE-395 is exploited.
DoS: Resource Consumption (CPU)
Affects: Availability
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.
Applies to
Languages
How to prevent it
Practical mitigations for CWE-395, grouped by where in the lifecycle they apply.
Do not extensively rely on catching exceptions (especially for validating user input) to handle errors. Handling exceptions can decrease the performance of an application.
How to detect it
Automated Static Analysis - Binary or Bytecode
According to SOAR [REF-1479], the following detection techniques may be useful:
Effectiveness: SOAR Partial
Dynamic Analysis with Manual Results Interpretation
According to SOAR [REF-1479], the following detection techniques may be useful:
Effectiveness: SOAR Partial
Manual Static Analysis - Source Code
According to SOAR [REF-1479], the following detection techniques may be useful:
Effectiveness: SOAR Partial
Automated Static Analysis - Source Code
According to SOAR [REF-1479], the following detection techniques may be useful:
Effectiveness: High
Architecture or Design Review
According to SOAR [REF-1479], the following detection techniques may be useful:
Effectiveness: High
Code examples
Illustrative examples from MITRE showing how the weakness appears in code.
The following code mistakenly catches a NullPointerException.
Vulnerable example
try {Terminology & mappings
Mapped taxonomies
- 7 Pernicious Kingdoms: Catching NullPointerException
- The CERT Oracle Secure Coding Standard for Java (2011): Do not catch NullPointerException or any of its ancestors (ERR08-J)
Frequently asked questions
Common questions about CWE-395.
- What is CWE-395?
- Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.
- What CVEs are caused by CWE-395?
- 17 recorded CVEs are attributed to CWE-395, including CVE-2025-58142, CVE-2025-27466, CVE-2025-15514.
- How do you prevent CWE-395?
- Do not extensively rely on catching exceptions (especially for validating user input) to handle errors. Handling exceptions can decrease the performance of an application.
- How is CWE-395 detected?
- Automated Static Analysis - Binary or Bytecode: According to SOAR [REF-1479], the following detection techniques may be useful:
- What are the consequences of CWE-395?
- Exploiting CWE-395 can lead to: DoS: Resource Consumption (CPU).
- Is CWE-395 actively exploited?
- 17 recorded CVEs are caused by CWE-395; none are currently in CISA's KEV catalog of actively exploited flaws.
References
- MITRE CWE definition (CWE-395) (opens in a new tab)
- CWE-395 vulnerabilities on NVD (opens in a new tab)
- Learn: What is a CWE?
Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.
Stay ahead of CWE-395
Get alerted the moment a new CWE-395 vulnerability affects your stack, with AI-written analysis, severity context, and remediation guidance.