ByteOS Network

NVD Vulnerability Details :

CVE-2026-44612

Deferred

Source-vultures@jpcert.or.jp

Published At-13 May, 2026 | 06:16

Updated At-13 May, 2026 | 15:47

Bytello Share (Windows Edition) installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	8.4	HIGH	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.0	7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Type: Secondary

Version: 4.0

Base score: 8.4

Base severity: HIGH

Vector:

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 3.0

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses

CWE ID	Type	Source
CWE-427	Primary	vultures@jpcert.or.jp

CWE ID: CWE-427

Type: Primary

Source: vultures@jpcert.or.jp

References

Hyperlink	Source	Resource
https://jvn.jp/en/jp/JVN98871848/	vultures@jpcert.or.jp	N/A
https://www.bytello.com/help/share/downloads	vultures@jpcert.or.jp	N/A

Hyperlink: https://jvn.jp/en/jp/JVN98871848/

Source: vultures@jpcert.or.jp

Resource: N/A

Hyperlink: https://www.bytello.com/help/share/downloads

Source: vultures@jpcert.or.jp

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History