CVE-2026-32191

CRITICAL WAF: High

CVSS 9.8 Published: 2026-03-19

CWE-78

Improper neutralization of special elements used in an os command ('os command injection') in Microsoft Bing Images allows an unauthorized attacker to execute code over a network.

WAF Coverage Analysis

OS Command Injection High WAF Coverage

OWASP: A03:2021 Injection

932xxx - Remote Code Execution

References

msrc.microsoft.com

Back to CVE Database