HIGHCVE-2026-44612Published Modified CNA jpcert
CVE-2026-44612: Bytello Share (Windows Edition) installer executable provided by Bytello insecurely loads Dynamic Link Libraries
Bytello Share (Windows Edition) installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer.
Metrics
- CVSS v4.0
- 8.4
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 1
Affected packages
- Bytello / Bytello Share (Windows Edition) installer executableprior to 5.13.0.4246
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NReferences