Feb 2026: .NET Spoofing Vulnerability
CVE-2026-21218 Published on February 10, 2026

Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network.

Vendor Advisory NVD

Weakness Type

Improper Handling of Missing Special Element

The software receives input from an upstream component, but it does not handle or incorrectly handles when an expected special element is missing.

Products Associated with CVE-2026-21218

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-21218 are published in Microsoft Net:

Microsoft Net

Affected Versions

Microsoft .NET 10.0:

Version 10.0.0 and below 10.0.3 is affected.

Microsoft .NET 8.0:

Version 8.0.0 and below 8.0.24 is affected.

Microsoft .NET 9.0:

Version 9.0.0 and below 9.0.13 is affected.