What is CVE-2026-25792?

CVE-2026-25792 is a medium-severity vulnerability in Greenshot, classified under Untrusted Search Path. CVSS score: 6.5/10. Published 2026-03-20.

How severe is CVE-2026-25792?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Greenshot

CVE-2026-25792

Greenshot is an open source Windows screenshot utility. Versions 1.3.312 and below have untrusted executable search path / binary hijacking vulnerability that allows a local attacker to execute arbitrary code when the affected Windows appl…

EPSS: 0.000 (5.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H.

Affected products

Greenshot — versions <= 1.3.312

Weakness classification (CWE)

CWE-426 — Untrusted Search Path

References

https://github.com/greenshot/greenshot/security/advisories/GHSA-f8v9-7fph-fr2j (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2026-25792?: CVE-2026-25792 is a medium-severity vulnerability in Greenshot, classified under Untrusted Search Path. CVSS score: 6.5/10. Published 2026-03-20.
How severe is CVE-2026-25792?: Medium severity. CVSS v3 base score is 6.5 out of 10.