CVE-2026-33156 HIGH

CVE-2026-33156: DLL Sideloading in ScreenToGif

Vendor Nickemanarin
Product ScreenToGif
Weakness CWE-426
Published March 20, 2026
Last update March 27, 2026

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32 directory, allowing arbitrary code execution in the user's context. This is especially impactful because ScreenToGif is primarily distributed as a portable application intended to be run from user-writable locations. At time of publication, there are no publicly available patches.

Key dates

02Disclosure timeline

March 20, 2026 CVE published
March 27, 2026 Record updated