Published:2026/04/23 Last Updated:2026/04/23
JVN#57877356
Multiple vulnerabilities in LogonTracer
Overview
LogonTracer provided by Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) contains multiple vulnerabilities.
Products Affected
- LogonTracer prior to v2.0.0
Description
LogonTracer provided by Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) is a tool to investigate malicious Windows logons by visualizing and analyzing Windows event logs.
LogonTracer contains multiple vulnerabilities listed below.
- OS command injection (CWE-78)
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 8.7
- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 8.8
- CVE-2026-33277
- Improper neutralization of special elements in data query logic (CWE-943)
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 5.1
- CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 4.3
- CVE-2026-33566
Impact
- An arbitrary OS command may be executed by a logged-in user (CVE-2026-33277)
- If specially crafted Windows event log data is loaded, the contents of the database may be altered (CVE-2026-33566)
Solution
Update the Software
Update the software to the latest version.
The developer has released the following version to address these vulnerabilities.
- LogonTracer v2.0.0
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) | Vulnerable | 2026/04/23 | Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) website |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Yuki Matsuhashi reported these vulnerabilities to IPA.
JPCERT/CC coordinated internally under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2026-33277 |
|
CVE-2026-33566 |
|
| JVN iPedia |
JVNDB-2026-000059 |