Spoofing Vulnerability in Windows Snipping Tool by Microsoft
CVE-2026-33829
Key Information:
- Vendor: Microsoft
- CVE Published: 14 April 2026
What is CVE-2026-33829?
CVE-2026-33829 is a spoofing vulnerability found in Microsoft’s Windows Snipping Tool, a utility designed for capturing screenshots and enhancing user productivity. This vulnerability arises from inadequate authorization controls, allowing unauthorized actors to exploit the tool over a network. Should an attacker successfully exploit this vulnerability, they could potentially gain the ability to spoof legitimate content, thereby misleading users or system processes. This weakness could enable further unauthorized actions such as accessing sensitive information or manipulating data displayed to users, causing significant disruptions, misinformation, or data integrity issues within an organization.
Potential impact of CVE-2026-33829
- Exposure of Sensitive Information: Unauthorized entities could gain access to confidential or sensitive information displayed through the Windows Snipping Tool, potentially leading to data breaches and severe privacy violations.
- Misinformation and Manipulation: The ability to spoof content could allow attackers to misrepresent information communicated to users, leading to incorrect decision-making based on manipulated output, which can affect business processes and user trust.
- Escalation of Attacks: This vulnerability could serve as a foothold for further attacks within an organization's network, as attackers may use it to gather intelligence or facilitate additional exploits that compromise security or system integrity.
Affected Version(s)
Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.9060
Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.8644
Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.7184
News Articles
Windows Search URI Handler Flaw Leaks NTLMv2 Hashes to Attacker-Controlled Servers - IT Security News
A newly disclosed flaw in the Windows search URI handler can silently leak NTLMv2 hashes to attacker-controlled servers with nothing more than a single link click. This behavior is the same bug class as CVE-2026-33829 in the Snipping Tool, but Microsoft has…
3 weeks ago
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Unpatched Windows search: URI flaw leaks NTLMv2 hashes via SMB requests; disclosed April 2026, enabling relay attacks.
3 weeks ago
Windows Search URI Handler Vulnerability Exposes NTLMv2 Hashes to Remote Attackers - IT Security News
Windows systems are once again exposed to NTLM credential leakage through a newly observed abuse of the search: URI handler, a vulnerability class closely mirroring the previously patched CVE-2026-33829 in the Snipping Tool. Windows Search URI Handler Vulnerability Security researchers from…
3 weeks ago
Timeline
- 🥇 Vulnerability reached the number 1 worldwide trending spot
- 👾 Exploit known to exist
- 📰 First article discovered by IT Security News
- 📈 Vulnerability started trending
- Vulnerability published
- Vulnerability reserved