CVE-2026-22035
Severity: HIGH
Greenshot < 1.3.311 - OS Command Injection via Filename Processing
Title source: llm
Description
Greenshot is an open source Windows screenshot utility. Versions 1.3.310 and below are vulnerable to OS Command Injection through unsanitized filename processing. The FormatArguments method in ExternalCommandDestination.cs:269 uses string.Format() to insert user-controlled filenames directly into shell commands without sanitization, allowing attackers to execute arbitrary commands by crafting malicious filenames containing shell metacharacters. This issue is fixed in version 1.3.311.
References (3)
Core References
Vendor Advisory, Exploit x_refsource_confirm
https://github.com/greenshot/greenshot/security/advisories/GHSA-7hvw-q8q5-gpmj
Patch x_refsource_misc
https://github.com/greenshot/greenshot/commit/5dedd5c9f0a9896fa0af1d4980d875a48bf432cb
Release Notes x_refsource_misc
https://github.com/greenshot/greenshot/releases/tag/v1.3.311
Scores
CVSS v3: 7.7
EPSS: 0.0090
EPSS Percentile: 54.8%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total
Details
CWE: CWE-78
Status: published
Products (1)
getgreenshot/greenshot < 1.3.311
Published: Jan 08, 2026
Tracked Since: Feb 18, 2026