anonhaven
Ad

CVE-2026-33829

MEDIUM CVSS 3.1: 4.3
Updated Apr 17, 2026
Microsoft
Parameter Value
CVSS 4.3 (MEDIUM)
Affected Versions before 10.0.28000.1836
Fixed In 10.0.14393.9060
Type CWE-200 (Information Exposure)
Vendor Microsoft
Public PoC No

Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network.

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Privileges Required
None
No privileges needed
User Interaction
Required
User action required

Impact Assessment

Confidentiality
Low
Partial data leak
Integrity
None
No data modification
Availability
None
No disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-200 Information Exposure

Vulnerable Products 25

Configuration From (including) Up to (excluding)
Microsoft Windows_10_1607
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
 10.0.14393.9060
Microsoft Windows_10_1607
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
 10.0.14393.9060
Microsoft Windows_10_1809
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
 10.0.17763.8644
Microsoft Windows_10_1809
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
 10.0.17763.8644
Microsoft Windows_10_21h2
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*
 10.0.19044.7184
Microsoft Windows_10_21h2
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*
 10.0.19044.7184
Microsoft Windows_10_21h2
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*
 10.0.19044.7184
Microsoft Windows_10_22h2
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*
 10.0.19045.7184
Microsoft Windows_10_22h2
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*
 10.0.19045.7184
Microsoft Windows_10_22h2
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*
 10.0.19045.7184
Microsoft Windows_11_23h2
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*
 10.0.22631.6936
Microsoft Windows_11_23h2
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*
 10.0.22631.6936
Microsoft Windows_11_24h2
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*
 10.0.26100.8246
Microsoft Windows_11_24h2
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*
 10.0.26100.8246
Microsoft Windows_11_25h2
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*
 10.0.26200.8246
Microsoft Windows_11_25h2
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*
 10.0.26200.8246
Microsoft Windows_11_26h1
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*
 10.0.28000.1836
Microsoft Windows_11_26h1
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*
 10.0.28000.1836
Microsoft Windows_Server_2012
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
Microsoft Windows_Server_2012
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
Microsoft Windows_Server_2016
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
 10.0.14393.9060
Microsoft Windows_Server_2019
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
 10.0.17763.8644
Microsoft Windows_Server_2022
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
 10.0.20348.5020
Microsoft Windows_Server_2022_23h2
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*
 10.0.25398.2274
Microsoft Windows_Server_2025
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
 10.0.26100.32690

References 1

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33829
secure@microsoft.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-33827

Microsoft

8.1

CVE-2026-33826

Microsoft

8.0

CVE-2026-33824

Microsoft

9.8

CVE-2026-33104

Microsoft

7.0

CVE-2026-33101

Microsoft

7.8