Spoofing Vulnerability in Microsoft Bing App for iOS
CVE-2026-58595

8.1HIGH

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
14 July 2026

What is CVE-2026-58595?

A spoofing vulnerability exists in the Microsoft Bing App for iOS due to improper restrictions on rendered UI layers or frames. This flaw could allow an unauthorized attacker to manipulate the application's display over a network, potentially misleading users and exposing them to risks. It is crucial for users and administrators to apply the necessary updates to mitigate this threat and enhance overall app security.

Affected Version(s)

Microsoft Bing Search for iOS 1.0 < 33.4.440529002

References

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.