Vulnerability Details CVE-2026-25792
Greenshot is an open source Windows screenshot utility. Versions 1.3.312 and below have untrusted executable search path / binary hijacking vulnerability that allows a local attacker to execute arbitrary code when the affected Windows application launches explorer.exe without using an absolute path. The vulnerable behavior is triggered when the user double-clicks the application’s tray icon, which opens the directory containing the most recent screenshot captured by the application. By placing a malicious executable with the same name in a location searched prior to the legitimate Windows binary, an attacker can gain code execution in the context of the application. This issue did not have a patch at the time of publication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.1%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2026-25792
-
cpe:2.3:a:getgreenshot:greenshot:1.2.10.6
-
cpe:2.3:a:getgreenshot:greenshot:1.2.8.12
-
cpe:2.3:a:getgreenshot:greenshot:1.2.8.14
-
cpe:2.3:a:getgreenshot:greenshot:1.2.9.104
-
cpe:2.3:a:getgreenshot:greenshot:1.2.9.112
-
cpe:2.3:a:getgreenshot:greenshot:1.2.9.129
-
cpe:2.3:a:getgreenshot:greenshot:1.3.105
-
cpe:2.3:a:getgreenshot:greenshot:1.3.106
-
cpe:2.3:a:getgreenshot:greenshot:1.3.108
-
cpe:2.3:a:getgreenshot:greenshot:1.3.151
-
cpe:2.3:a:getgreenshot:greenshot:1.3.154
-
cpe:2.3:a:getgreenshot:greenshot:1.3.157
-
cpe:2.3:a:getgreenshot:greenshot:1.3.178
-
cpe:2.3:a:getgreenshot:greenshot:1.3.194
-
cpe:2.3:a:getgreenshot:greenshot:1.3.201
-
cpe:2.3:a:getgreenshot:greenshot:1.3.202
-
cpe:2.3:a:getgreenshot:greenshot:1.3.203
-
cpe:2.3:a:getgreenshot:greenshot:1.3.204
-
cpe:2.3:a:getgreenshot:greenshot:1.3.205
-
cpe:2.3:a:getgreenshot:greenshot:1.3.211
-
cpe:2.3:a:getgreenshot:greenshot:1.3.213
-
cpe:2.3:a:getgreenshot:greenshot:1.3.218
-
cpe:2.3:a:getgreenshot:greenshot:1.3.219
-
cpe:2.3:a:getgreenshot:greenshot:1.3.220
-
cpe:2.3:a:getgreenshot:greenshot:1.3.223
-
cpe:2.3:a:getgreenshot:greenshot:1.3.229
-
cpe:2.3:a:getgreenshot:greenshot:1.3.231
-
cpe:2.3:a:getgreenshot:greenshot:1.3.234
-
cpe:2.3:a:getgreenshot:greenshot:1.3.235
-
cpe:2.3:a:getgreenshot:greenshot:1.3.238
-
cpe:2.3:a:getgreenshot:greenshot:1.3.239
-
cpe:2.3:a:getgreenshot:greenshot:1.3.244
-
cpe:2.3:a:getgreenshot:greenshot:1.3.246
-
cpe:2.3:a:getgreenshot:greenshot:1.3.249
-
cpe:2.3:a:getgreenshot:greenshot:1.3.254
-
cpe:2.3:a:getgreenshot:greenshot:1.3.256
-
cpe:2.3:a:getgreenshot:greenshot:1.3.258
-
cpe:2.3:a:getgreenshot:greenshot:1.3.259
-
cpe:2.3:a:getgreenshot:greenshot:1.3.260
-
cpe:2.3:a:getgreenshot:greenshot:1.3.261
-
cpe:2.3:a:getgreenshot:greenshot:1.3.262
-
cpe:2.3:a:getgreenshot:greenshot:1.3.265
-
cpe:2.3:a:getgreenshot:greenshot:1.3.270
-
cpe:2.3:a:getgreenshot:greenshot:1.3.273
-
cpe:2.3:a:getgreenshot:greenshot:1.3.274
-
cpe:2.3:a:getgreenshot:greenshot:1.3.275
-
cpe:2.3:a:getgreenshot:greenshot:1.3.277
-
cpe:2.3:a:getgreenshot:greenshot:1.3.281
-
cpe:2.3:a:getgreenshot:greenshot:1.3.284
-
cpe:2.3:a:getgreenshot:greenshot:1.3.286
-
cpe:2.3:a:getgreenshot:greenshot:1.3.287
-
cpe:2.3:a:getgreenshot:greenshot:1.3.288
-
cpe:2.3:a:getgreenshot:greenshot:1.3.289
-
cpe:2.3:a:getgreenshot:greenshot:1.3.290
-
cpe:2.3:a:getgreenshot:greenshot:1.3.291
-
cpe:2.3:a:getgreenshot:greenshot:1.3.292
-
cpe:2.3:a:getgreenshot:greenshot:1.3.293
-
cpe:2.3:a:getgreenshot:greenshot:1.3.294
-
cpe:2.3:a:getgreenshot:greenshot:1.3.296
-
cpe:2.3:a:getgreenshot:greenshot:1.3.297
-
cpe:2.3:a:getgreenshot:greenshot:1.3.298
-
cpe:2.3:a:getgreenshot:greenshot:1.3.299
-
cpe:2.3:a:getgreenshot:greenshot:1.3.300
-
cpe:2.3:a:getgreenshot:greenshot:1.3.301
-
cpe:2.3:a:getgreenshot:greenshot:1.3.302
-
cpe:2.3:a:getgreenshot:greenshot:1.3.55
-
cpe:2.3:a:getgreenshot:greenshot:1.3.57
-
cpe:2.3:a:getgreenshot:greenshot:1.3.63
-
cpe:2.3:a:getgreenshot:greenshot:1.3.69
-
cpe:2.3:a:getgreenshot:greenshot:1.3.71
-
cpe:2.3:a:getgreenshot:greenshot:1.3.75
-
cpe:2.3:a:getgreenshot:greenshot:1.3.76