PT-2026-32887 · Microsoft · Snipping Tool+1

Marcos Díaz · Published 2026-04-14 · Updated 2026-06-03 · CVE-2026-33829

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Windows Snipping Tool (affected versions not specified)

Description

An issue in the Windows Snipping Tool involves the exposure of sensitive information to unauthorized actors, which allows remote attackers to perform spoofing attacks over a network. Specifically, the application leaks NTLM (NT LAN Manager) authentication responses, which are hashes used for Windows authentication. Exploitation requires user interaction, such as tricking a victim into visiting a malicious webpage or opening a crafted link that invokes the Snipping Tool via the ms-screenclip or ms-screensketch URI schemes. This action causes the tool to connect to an attacker-controlled SMB (Server Message Block) server, leading Windows to silently send the user's NTLMv2 hash, which can then be cracked or relayed to gain unauthorized access to corporate networks.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
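
A defender-side check for the link vector named in the Description, as an added example that is not part of the original advisory: it scans HTML (a mail body or a proxied page) for the ms-screenclip and ms-screensketch schemes, including entity-encoded and percent-encoded forms. The function names, the sample markup and its `placeholder` URI bodies are constructed for illustration.

```python
import html
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# The two URI schemes the advisory names as invoking the Snipping Tool.
SCHEME_RE = re.compile(r"\b(ms-screenclip|ms-screensketch):[^\s\"'<>]*", re.I)

def normalize(value, max_rounds=3):
    """Undo layered HTML-entity and percent-encoding so hidden schemes still match."""
    for _ in range(max_rounds):
        decoded = unquote(html.unescape(value))
        if decoded == value:
            break
        value = decoded
    return value

class _Collector(HTMLParser):
    """Collects every attribute value and text node (inline scripts included)."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.values = []

    def handle_starttag(self, tag, attrs):
        for name, val in attrs:
            if val:
                self.values.append((f"<{tag} {name}>", val))

    def handle_data(self, data):
        self.values.append(("text", data))

def find_snipping_links(document):
    """Return one finding per ms-screenclip / ms-screensketch URI in the markup."""
    collector = _Collector()
    collector.feed(document)
    collector.close()
    findings = []
    for where, raw in collector.values:
        for m in SCHEME_RE.finditer(normalize(raw)):
            findings.append({"where": where, "scheme": m.group(1).lower(), "uri": m.group(0)})
    return findings

# Constructed sample page: one benign link, three references to the schemes.
SAMPLE = """<html><body>
<a href="https://example.test/help">help</a>
<a href="MS-ScreenClip:placeholder">capture</a>
<iframe src="ms%2Dscreensketch:placeholder"></iframe>
<script>window.location = "ms-screensketch:placeholder";</script>
</body></html>"""
```

Any finding in inbound mail or in third-party web content is worth reviewing, since ordinary pages have little reason to launch the Snipping Tool.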

Exploit

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2026-05657
CVE-2026-33829

Affected Products

Snipping Tool
Windows