CWE-166: Improper Handling of Missing Special Element
low-riskThe product receives input from an upstream component, but it does not handle or incorrectly handles when an expected special element is missing.
Abstraction: Base
Common Consequences
Availability
→
DoS: Crash, Exit, or Restart
Real-World Examples (2)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2024-38091 | 7.5 | 11.1% | — |
| CVE-2026-21218 | 7.5 | 0.0% | — |
19
/ 100
low-risk
Active Threat
19/50 · Low
Exploit Availability
0/50 · Minimal