apache · erikbocks · Jan 5, 2026 · Copilot · Jan 5, 2026 · Copilot
diff --git a/server/src/main/java/com/cloud/server/ManagementServerImpl.java b/server/src/main/java/com/cloud/server/ManagementServerImpl.java
@@ -43,6 +43,7 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import com.cloud.network.vpc.VpcVO;
 import org.apache.cloudstack.acl.ControlledEntity;
 import org.apache.cloudstack.acl.SecurityChecker;
 import org.apache.cloudstack.affinity.AffinityGroupProcessor;
@@ -2648,12 +2649,21 @@ public Pair<List<? extends IpAddress>, Integer> searchForIPAddresses(final ListP
         }
 
         if (associatedNetworkId != null) {
-            _accountMgr.checkAccess(caller, null, false, networkDao.findById(associatedNetworkId));
-            sc.setParameters("associatedNetworkIdEq", associatedNetworkId);
+            NetworkVO associatedNetwork = networkDao.findById(associatedNetworkId);
+
+            if (associatedNetwork != null) {
+                _accountMgr.checkAccess(caller, null, false, associatedNetwork);
+                sc.setParameters("associatedNetworkIdEq", associatedNetworkId);
-                sc.setParameters("associatedNetworkIdEq", associatedNetworkId);
+                sc.setParameters("associatedNetworkIdEq", associatedNetworkId);
+            } else {
+                throw new InvalidParameterValueException("Unable to find network by id " + associatedNetworkId);
-                sc.setParameters("associatedNetworkIdEq", associatedNetworkId);
+                sc.setParameters("associatedNetworkIdEq", associatedNetworkId);
+            } else {
+                throw new InvalidParameterValueException("Unable to find network by id " + associatedNetworkId);
+            }
         }
+
         if (vpcId != null) {
-            _accountMgr.checkAccess(caller, null, false, _vpcDao.findById(vpcId));
-            sc.setParameters("vpcId", vpcId);
+            VpcVO vpc = _vpcDao.findById(vpcId);
+
+            if (vpc != null) {
+                _accountMgr.checkAccess(caller, null, false, vpc);
+                sc.setParameters("vpcId", vpcId);
+            }
-            if (vpc != null) {
-                _accountMgr.checkAccess(caller, null, false, vpc);
-                sc.setParameters("vpcId", vpcId);
-            }
+            if (vpc == null) {
+                throw new InvalidParameterValueException("Unable to find VPC by id " + vpcId);
+            }
+
+            _accountMgr.checkAccess(caller, null, false, vpc);
+            sc.setParameters("vpcId", vpcId);
-            if (vpc != null) {
-                _accountMgr.checkAccess(caller, null, false, vpc);
-                sc.setParameters("vpcId", vpcId);
-            }
+            if (vpc == null) {
+                throw new InvalidParameterValueException("Unable to find VPC by id " + vpcId);
+            }
+
+            _accountMgr.checkAccess(caller, null, false, vpc);
+            sc.setParameters("vpcId", vpcId);
         }
 
         addrs = _publicIpAddressDao.search(sc, searchFilter); // Allocated