diff --git a/cve_bin_tool/data_sources/nvd_source.py b/cve_bin_tool/data_sources/nvd_source.py
index e6d6769caa..2321a89837 100644
--- a/cve_bin_tool/data_sources/nvd_source.py
+++ b/cve_bin_tool/data_sources/nvd_source.py
@@ -420,7 +420,7 @@ async def fetch_cves(self):
             tasks = [
                 self.cache_update(self.session, url, meta["sha256"])
                 for url, meta in nvd_metadata.items()
-                if meta is not None
+                if meta is not None and meta.get("sha256") is not None
             ]
 
         total_tasks = len(tasks)
@@ -579,6 +579,9 @@ async def cache_update(
             # Raise for all other 4xx errors
             response.raise_for_status()
             gzip_data = await response.read()
+        if len(gzip_data) == 0:
+            self.LOGGER.debug(f"Missing data for {filename}")
+            return
         json_data = gzip.decompress(gzip_data)
         gotsha = hashlib.sha256(json_data).hexdigest().upper()
         async with FileIO(filepath, "wb") as filepath_handle: