Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
03 June 2026
Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to the attacker.
Like in the case of CVE-2026-33829, which impacted the Windows Snipping Tool's ms-screensketch: URI handler, the newly flagged issue resides in the search: URI handler, per Huntress.
CVE-2026-33829 refers to a spoofing vulnerability that could expose