Your question is not about sighash, sighash flag is always just the last byte. Your question is about signature encoding.
Search for invalid DER encoding bitcoin or similar.
That is part of the information I've already found that includes malleability fixes. But some parts are missing.
Let me be more specific, One case is invalid SigHash byte. I have found transactions (already mined) that have 0x00 as their SigHash byte (flag) which is clearly a bug and is not about encoding.
Is this currently fixed? At which fork (block height, is it along BIP66?)?
Also I'm wondering what other "special cases" exist that I'm not aware of. For instance is/was 0x05 (=0b0000_0101) considered valid SigHash and equal to SigHash_All?