Moole Vulnerability Database

Find real vulnerabilities before they ship

High

CVE-2026-21218

Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network.

VectorNETWORK

PublishedFeb 10, 2026, 18:16

Published Bysecure@microsoft.com

Base Score

Score7.5

Package (Ecosystem)IntroducedFixedLimit

System.Security.Cryptography.Cose(NuGet)8.0.08.0.2N/A

System.Security.Cryptography.Cose(NuGet)9.0.09.0.13N/A

System.Security.Cryptography.Cose(NuGet)10.0.010.0.3N/A

CWE-166

Base Score

7.5

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Base SeverityHigh

Version

3.1

Attack Vector (AV)

NETWORK