HIGHCVE-2026-22035Published 2026-01-08Modified 2026-02-26CNA GitHub_M

CVE-2026-22035: Greenshot Vulnerable to OS Command Injection via ExternalCommand Plugin

Greenshot is an open source Windows screenshot utility. Versions 1.3.310 and below arvulnerable to OS Command Injection through unsanitized filename processing. The FormatArguments method in ExternalCommandDestination.cs:269 uses string.Format() to insert user-controlled filenames directly into shell commands without sanitization, allowing attackers to execute arbitrary commands by crafting malicious filenames containing shell metacharacters. This issue is fixed in version 1.3.311.

CVSS v3.1: 7.8
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

greenshot / greenshot
< 1.3.311

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

References

https://github.com/greenshot/greenshot/security/advisories/GHSA-7hvw-q8q5-gpmj
https://github.com/greenshot/greenshot/commit/5dedd5c9f0a9896fa0af1d4980d875a48bf432cb
https://github.com/greenshot/greenshot/releases/tag/v1.3.311

Metrics