PT-2025-38057 · Greenshot · Greenshot
Ripfran · Published 2025-09-16 · Updated 2025-09-20 · CVE-2025-59050
| CVSS v3.1 | 8.4 High |
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Greenshot versions prior to 1.3.301
Description
Greenshot is a Windows screenshot utility. Versions prior to 1.3.301 deserialize attacker-controlled data received in a WM_COPYDATA message using BinaryFormatter.Deserialize without prior validation or authentication. This allows a local process at the same integrity level to trigger arbitrary code execution inside the Greenshot process. The vulnerable logic is located in a WinForms WndProc handler for the WM_COPYDATA message (message 74), which copies supplied bytes into a MemoryStream and invokes BinaryFormatter.Deserialize, with authorization checks occurring after deserialization. This allows any gadget chain embedded in the serialized payload to execute regardless of channel membership. A local attacker who can send a WM_COPYDATA message to the Greenshot main window can achieve in-process code execution.
Recommendations
Update to Greenshot version 1.3.301 or later.
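For code that handles WM_COPYDATA in the same way, the ordering flaw described above (deserialize first, authorize after) can be avoided with a data-only parser. The following is an added example, not Greenshot's code and not its actual fix; the wire format, the names CopyDataParser and Command, the magic value and the size limit are all assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;

// Hypothetical wire format (an assumption, not Greenshot's):
// [magic u32][command u8][channelLen u8][channel ASCII][argLen u16][arg UTF-8]
public enum Command : byte { OpenFile = 1, Exit = 2 }
[StructLayout(LayoutKind.Sequential)]
public struct COPYDATASTRUCT { public IntPtr dwData; public int cbData; public IntPtr lpData; }
public static class CopyDataParser
{
    const uint Magic = 0x31435047;     // constructed value
    const int MaxMessageBytes = 4096;  // refuse oversized input before copying it

    // Call from WndProc when m.Msg is WM_COPYDATA (0x004A, message 74), passing m.LParam.
    public static bool TryRead(IntPtr lParam, string expectedChannel, out Command cmd, out string arg)
    {
        cmd = default(Command); arg = null;
        var cds = Marshal.PtrToStructure<COPYDATASTRUCT>(lParam);
        if (cds.lpData == IntPtr.Zero || cds.cbData <= 0 || cds.cbData > MaxMessageBytes) return false;
        var buf = new byte[cds.cbData];
        Marshal.Copy(cds.lpData, buf, 0, buf.Length);
        return TryParse(buf, expectedChannel, out cmd, out arg);
    }

    public static bool TryParse(byte[] buf, string expectedChannel, out Command cmd, out string arg)
    {
        cmd = default(Command); arg = null;
        try
        {
            var r = new BinaryReader(new MemoryStream(buf, writable: false));
            if (r.ReadUInt32() != Magic) return false;
            byte rawCmd = r.ReadByte();
            if (!Enum.IsDefined(typeof(Command), rawCmd)) return false;      // command allow-list
            string channel = Encoding.ASCII.GetString(ReadExact(r, r.ReadByte()));
            if (channel != expectedChannel) return false;   // authorize before the argument is decoded
            string text = Encoding.UTF8.GetString(ReadExact(r, r.ReadUInt16()));
            if (r.BaseStream.Position != r.BaseStream.Length) return false;  // reject trailing bytes
            cmd = (Command)rawCmd; arg = text; return true;
        }
        catch (EndOfStreamException) { return false; }   // truncated message
    }
    static byte[] ReadExact(BinaryReader r, int n)
    {
        byte[] b = r.ReadBytes(n);
        return b.Length == n ? b : throw new EndOfStreamException();
    }
}
```

Because the message is read into primitive fields only, nothing in it can name a type to instantiate, and the channel check runs before any sender-supplied argument is interpreted.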
Exploit
Fix
Deserialization of Untrusted Data
Weakness Enumeration
Related Identifiers
Affected Products
Greenshot