[Japanese]

JVNDB-2026-000059

Multiple vulnerabilities in LogonTracer

Overview

LogonTracer provided by Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) is a tool to investigate malicious Windows logons by visualizing and analyzing Windows event logs.
LogonTracer contains multiple vulnerabilities listed below.
  • OS command injection (CWE-78) - CVE-2026-33277
  • Improper neutralization of special elements in data query logic (CWE-943) - CVE-2026-33566
Yuki Matsuhashi reported these vulnerabilities to IPA.
JPCERT/CC coordinated internally under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 8.8 (High) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS v4 Severity
Base Metrics: 8.7 (High) [IPA Score]
  • Access Vector (AV): Network
  • Attack Complexity (AC): Low
  • Attack Requirements (AT): None
  • Privileges Required (PR): Low
  • User Interaction (UI): None
    • Vulnerable System Impact
  • Confidentiality Impact (VC): High
  • Integrity Impact (VI): High
  • Availability Impact (VA): High
    • Subsequent System Impact
  • Confidentiality Impact (SC): None
  • Integrity Impact (SI): None
  • Availability Impact (SA): None
The above CVSS base scores have been assigned for CVE-2026-33277

CVSS v3 Severity
Base Metrics: 4.3(Medium) [IPA Score]
  • Access Vector : Network
  • Attack Complexity : Low
  • Privileges Required : None
  • User Interaction : Required
  • Scope : Unchanged
  • Confidentiality Impact : None
  • Integrity Impact : Low
  • Availability Impact : None
CVSS v4 Severity
Base Metrics: 5.1 (Medium) [IPA Score]
  • Access Vector (AV): Network
  • Attack Complexity (AC): Low
  • Attack Requirements (AT): None
  • Privileges Required (PR): None
  • User Interaction (UI): Active
    • Vulnerable System Impact
  • Confidentiality Impact (VC): None
  • Integrity Impact (VI): Low
  • Availability Impact (VA): None
    • Subsequent System Impact
  • Confidentiality Impact (SC): None
  • Integrity Impact (SI): None
  • Availability Impact (SA): None
The above CVSS base scores have been assigned for CVE-2026-33566
Affected Products


JPCERT Coordination Center
  • LogonTracer prior to v2.0.0

Impact

  • An arbitrary OS command may be executed by a logged-in user (CVE-2026-33277)
  • If specially crafted Windows event log data is loaded, the contents of the database may be altered (CVE-2026-33566)
Solution

[Update the Software]
Update the software to the latest version.
The developer has released the following version to address these vulnerabilities.
  • LogonTracer v2.0.0
For more details, refer to the information provided by the developer.
Vendor Information

JPCERT Coordination Center
CWE (What is CWE?)

  1. OS Command Injection(CWE-78) [IPA Evaluation]
  2. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2026-33277
  2. CVE-2026-33566
References

  1. JVN : JVN#57877356
Revision History

  • [2026/04/23]
      Web page was published

Date Public2026/04/23
Date First Published2026/04/23
Date Last Updated2026/04/23