Security Advisory

CVE-2025-55294

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-19 17:34:54

Last updated 2025-08-19 20:03:52

Assigner GitHub_M

State PUBLISHED

Description

screenshot-desktop allows capturing a screenshot of your local machine. This vulnerability is a command injection issue. When user-controlled input is passed into the format option of the screenshot function, it is interpolated into a shell command without sanitization. This results in arbitrary command execution with the privileges of the calling process. This vulnerability is fixed in 1.15.2.

← Browse all CVEs View on cve.org ↗