CVE-2026-62294
Flameshot: OCTOU symlink attack via predictable /tmp path in Flameshot "Open With"
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a symlink and cause Flameshot to write PNG data through it, overwriting any file the victim user could write. This issue is fixed in version 14.0.0.
| CWE | CWE-362 CWE-377 |
| Vendor | flameshot-org |
| Product | flameshot |
| Published | Jul 15, 2026 |
| Last Updated | Jul 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for flameshot-org flameshot
Be the first to know when new unknown vulnerabilities affecting flameshot-org flameshot are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
flameshot-org / flameshot
< 14.0.0
References
github.com: https://github.com/flameshot-org/flameshot/security/advisories/GHSA-fqqf-4rj8-c392 github.com: https://github.com/flameshot-org/flameshot/pull/4716 github.com: https://github.com/flameshot-org/flameshot/commit/936716b8d8b7052be461c3d5e2f88492b6eb3b96 github.com: https://github.com/flameshot-org/flameshot/releases/tag/v14.0.0