Command Injection Vulnerability in Microsoft Bing Images
CVE-2026-32194

9.8CRITICAL

Key Information:

Vendor: Microsoft
Status: Microsoft Bing Images
Vendor: CVE Published:; 19 March 2026

What is CVE-2026-32194?

A command injection vulnerability exists in Microsoft Bing Images that allows unauthorized attackers to execute arbitrary code over a network. This weakness arises from improper handling of special elements in commands, potentially exposing sensitive data or system integrity to exploitation. Users of Bing Images must remain vigilant and apply relevant security patches to mitigate risks.

Affected Version(s)

Microsoft Bing Images -

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 19, 2026
Vulnerability Reserved
Mar 11, 2026

CVE-2026-32194 Data

JSON