Greenshot

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-22035 HIGH POC PATCH This Week

Arbitrary command execution in Greenshot 1.3.310 and earlier stems from insufficient input validation in filename processing, where unsanitized user-supplied filenames are passed directly to shell commands. An attacker can exploit this through a malicious filename containing shell metacharacters to achieve local code execution with user privileges. Public exploit code exists for this vulnerability; users should upgrade to version 1.3.311 or later.

Windows Command Injection Greenshot
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-59050 HIGH POC PATCH This Week

Greenshot is an open source Windows screenshot utility. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Deserialization Microsoft Greenshot Windows
NVD GitHub
CVSS 3.1
8.4
EPSS
0.3%
CVE-2026-22035
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

Arbitrary command execution in Greenshot 1.3.310 and earlier stems from insufficient input validation in filename processing, where unsanitized user-supplied filenames are passed directly to shell commands. An attacker can exploit this through a malicious filename containing shell metacharacters to achieve local code execution with user privileges. Public exploit code exists for this vulnerability; users should upgrade to version 1.3.311 or later.

Windows Command Injection Greenshot
NVD GitHub
CVE-2025-59050
EPSS 0% CVSS 8.4
HIGH POC PATCH This Week

Greenshot is an open source Windows screenshot utility. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Deserialization Microsoft +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy