← Back
2026-05-13 5:44CVE-2026-44612jpcert
PUBLISHED5.2CWE-427

Bytello Share (Windows Edition) installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer.

Problem type

Affected products

Bytello

Bytello Share (Windows Edition) installer executable

prior to 5.13.0.4246 - AFFECTED

References

bytello.com

https://www.bytello.com/help/share/downloads

jvn.jp

https://jvn.jp/en/jp/JVN98871848/

JSON source

https://cveawg.mitre.org/api/cve/CVE-2026-44612
Click to expand
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2026-44612",
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "dateUpdated": "2026-05-13T05:44:01.819Z",
    "dateReserved": "2026-05-07T06:22:30.124Z",
    "datePublished": "2026-05-13T05:44:01.819Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert",
        "dateUpdated": "2026-05-13T05:44:01.819Z"
      },
      "descriptions": [
        {
          "lang": "en",
          "value": "Bytello Share (Windows Edition) installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer."
        }
      ],
      "affected": [
        {
          "vendor": "Bytello",
          "product": "Bytello Share (Windows Edition) installer executable",
          "versions": [
            {
              "version": "prior to 5.13.0.4246",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en-US",
              "description": "Uncontrolled Search Path Element",
              "cweId": "CWE-427",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://www.bytello.com/help/share/downloads"
        },
        {
          "url": "https://jvn.jp/en/jp/JVN98871848/"
        }
      ],
      "metrics": [
        {
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ],
          "cvssV3_0": {
            "version": "3.0",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "baseScore": 7.8,
            "baseSeverity": "HIGH"
          }
        },
        {
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ]
    }
  }
}