CVE-2026-21218
Published: 10 February 2026
Summary
CVE-2026-21218 is a high-severity Improper Handling of Missing Special Element (CWE-166) vulnerability in Microsoft .Net. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 14.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-23 (Session Authenticity) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2026-21218 is a vulnerability in .NET stemming from improper handling of a missing special element. This flaw enables an unauthorized attacker to perform spoofing over a network. The issue carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) and is classified under CWE-166.
Any unauthenticated attacker with network access can exploit this vulnerability due to its low attack complexity and lack of required privileges or user interaction. Successful exploitation allows the attacker to achieve spoofing, resulting in a high impact on integrity while causing no impact on confidentiality or availability.
The Microsoft Security Response Center advisory provides details on mitigation and patches at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21218.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-7347
Vulnerability details
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Network-exploitable spoofing flaw (no auth/UI) directly enables public app exploitation (T1190) and adversary-in-the-middle spoofing (T1557).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates the .NET spoofing vulnerability by requiring timely patching and flaw remediation as advised by MSRC.
Addresses improper handling of the missing special element by enforcing validation of network inputs to prevent spoofing exploitation.
Protects against network spoofing by ensuring mechanisms for session authenticity in .NET communications.