CVE-2026-33829: Windows Snipping Tool leaks NTLM hashes — PoC and patch

A single click on a crafted ms-screensketch:// link is enough to leak your Windows NTLMv2 hash. BlackArrowSec just published the PoC. Here is how CVE-2026-33829 works and what to patch.