diff --git a/patchfinder/src/main/java/patches/PatchFinder.java b/patchfinder/src/main/java/patches/PatchFinder.java
index 30ea5070..2dbafa3b 100644
--- a/patchfinder/src/main/java/patches/PatchFinder.java
+++ b/patchfinder/src/main/java/patches/PatchFinder.java
@@ -90,6 +90,10 @@ public static void run(int vulnVersionId) throws IOException {
 		// Get affected products via CVE ids
 		final Map<String, CpeGroup> affectedProducts = prodRepo.getAffectedProducts(vulnVersionId);
 		// that db call will return a map with at most one key, the cve id corresponding to the version id
+		if (affectedProducts.keySet().isEmpty()) {
+			logger.warn("No affected products found matching CVE '{}', cannot find patches.", vulnVersionId);
+			return;
+		}
 		String cveId = affectedProducts.keySet().iterator().next();
 		final CpeGroup affectedProduct = affectedProducts.get(cveId);
 		if(!affectedProducts.keySet().isEmpty() && affectedProduct != null) {