CWE-166— Improper Handling of Missing Special Element
The product receives input from an upstream component, but it does not handle or incorrectly handles when an expected special element is missing.— MITRE CWE catalog
4 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-166page 1 of 1
- CVE-2024-38091HIGHCVSS 7.5EG 7.52024-07-09
Microsoft WS-Discovery Denial of Service Vulnerability
- CVE-2026-21218HIGHCVSS 7.5EG 7.52026-02-10
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network.
- CVE-2026-32792MEDIUMCVSS 5.3EG 5.32026-05-20
NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support ('--enable-dnscrypt'). A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure t…
- CVE-2026-34582CRITICALCVSS 9.1EG 9.12026-04-07
Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed ApplicationData records to be processed prior to the Finished message being received. A server which is attempting to enforce client authentic…
Map vulnerabilities like CWE-166 to your infrastructure
EchelonGraph correlates every CVE — across CWE-166 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →