CVE-2026-33566 MEDIUM

CVE-2026-33566

Vendor Japan Computer Emergency Response Team Coordination Center (Jpcert/Cc)
Product LogonTracer
Weakness CWE-943
Published April 27, 2026
Last update April 27, 2026

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered.

Key dates

02Disclosure timeline

April 27, 2026 CVE published
April 27, 2026 Record updated