CVE-2026-32186
Elevation of Privilege Vulnerability in Microsoft Bing Allowing Privilege Escalation
Publication date: 2026-04-03
Last updated on: 2026-04-13
Assigner: Microsoft Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| microsoft | bing | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Elevation of Privilege issue in Microsoft Bing. Elevation of Privilege vulnerabilities allow an attacker to gain higher access rights or permissions than intended, potentially enabling unauthorized actions.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow an attacker to elevate their privileges on a system using Microsoft Bing, potentially leading to unauthorized access, modification of data, or execution of privileged operations.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the Microsoft Bing Elevation of Privilege Vulnerability (CVE-2026-32186) impacts compliance with common standards and regulations such as GDPR or HIPAA.