CWE-166
Improper Handling of Missing Special Element
BaseDraft
Description
The product receives input from an upstream component, but it does not handle or incorrectly handles when an expected special element is missing.
Hierarchy (View 1000)
CVEs mapped to this weakness (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-32792 | Med | 0.27 | 5.3 | 0.00 | May 20, 2026 | NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support ('--enable-dnscrypt'). A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A… | ||
| CVE-2026-21218 | — | 0.00 | — | 0.01 | Feb 10, 2026 | Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network. |
- risk 0.27cvss 5.3epss 0.00
NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support ('--enable-dnscrypt'). A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A…
- CVE-2026-21218Feb 10, 2026risk 0.00cvss —epss 0.01
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network.