CVE-2026-25792

MEDIUM 6.5

Greenshot Vulnerable to OS Command Injection via ExternalCommand Plugin

CVSS Score

6.5

EPSS Score

0.0%

EPSS Percentile

2th

Greenshot is an open source Windows screenshot utility. Versions 1.3.312 and below have untrusted executable search path / binary hijacking vulnerability that allows a local attacker to execute arbitrary code when the affected Windows application launches explorer.exe without using an absolute path. The vulnerable behavior is triggered when the user double-clicks the application’s tray icon, which opens the directory containing the most recent screenshot captured by the application. By placing a malicious executable with the same name in a location searched prior to the legitimate Windows binary, an attacker can gain code execution in the context of the application. This issue did not have a patch at the time of publication.

CWE	CWE-426
Vendor	greenshot
Product	greenshot
Published	Mar 20, 2026
Last Updated	Mar 24, 2026

Stay Ahead of the Next One

Get instant alerts for greenshot greenshot

Be the first to know when new medium vulnerabilities affecting greenshot greenshot are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

greenshot / greenshot

<= 1.3.312

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/greenshot/greenshot/security/advisories/GHSA-f8v9-7fph-fr2j