7.5
CVE-2026-21218
- EPSS 1.02%
- Veröffentlicht 10.02.2026 18:16:22
- Zuletzt bearbeitet 12.02.2026 17:35:25
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
.NET Spoofing Vulnerability
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.02% | 0.587 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
CWE-166 Improper Handling of Missing Special Element
The product receives input from an upstream component, but it does not handle or incorrectly handles when an expected special element is missing.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21218