What is the CVSS score of EUVD-2026-22649?

EUVD-2026-22649 has a CVSS 3.1 base score of 4.3 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N. EPSS exploitation probability: 0.1%.

Is there a public PoC exploit available for EUVD-2026-22649?

Yes, a public proof-of-concept exploit is available for EUVD-2026-22649. Prioritise patching immediately. EPSS: 0.1%.

Is there a patch available for EUVD-2026-22649?

Yes, a patch is available for EUVD-2026-22649. Update the affected software to the latest version immediately.

Microsoft EUVD-2026-22649

| CVE-2026-33829 MEDIUM

Information Exposure (CWE-200)

2026-04-14 microsoft

GHSA-wmq5-p9j9-jfgx

Information Disclosure Microsoft

4.3

CVSS 3.1 · NVD

Temporal: 3.8

Severity by source

NVD PRIMARY

4.3 MEDIUM

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CIRCL (temporal)

3.8 LOW

cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Apr 14, 2026 - 19:43 vuln.today

EUVD ID Assigned

Apr 14, 2026 - 17:46 euvd

EUVD-2026-22649

Analysis Generated

Apr 14, 2026 - 17:46 vuln.today

Patch released

Apr 14, 2026 - 17:46 nvd

Patch available

CVE Published

Apr 14, 2026 - 16:58 nvd

MEDIUM 4.3

DescriptionCVE.org

Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network.

AnalysisAI

Windows Snipping Tool leaks sensitive information to unauthenticated network attackers via user interaction, enabling spoofing attacks. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2) and Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), as well as Windows Server 2012 through 2025. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	This vulnerability presents moderate real-world risk despite its low CVSS score of 4.3. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker crafts a scenario in which a user captures a sensitive screenshot (e.g., credentials, API keys, or personal data) using Snipping Tool and either shares the snip via network-enabled features, uploads it to cloud sync, or the tool automatically transmits
Remediation	Apply vendor-released patches from Microsoft to achieve remediation. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

EUVD-2026-22649 vulnerability details – vuln.today

Back

Microsoft EUVD-2026-22649

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Vulnerability AssessmentAI

Share

External POC / Exploit Code