What is CVE-2026-33566?

CVE-2026-33566 is a medium-severity vulnerability in Japan Computer Emergency Response Team Coordination Center (Jpcert/cc) Logontracer, classified under Improper Neutralization of Special Elements in Data Query Logic. CVSS score: 4.3/10. Published 2026-04-27.

How severe is CVE-2026-33566?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Japan Computer Emergency Response Team Coordination Center (Jpcert/cc) Logontracer

CVE-2026-33566

There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered.

EPSS: 0.000 (11.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N.

Affected products

Japan Computer Emergency Response Team Coordination Center (Jpcert/cc) Logontracer — versions prior to v2.0.0
Jpcert Logontracer

Weakness classification (CWE)

CWE-943 — Improper Neutralization of Special Elements in Data Query Logic

References

vultures@jpcert.or.jp (Third Party Advisory)
vultures@jpcert.or.jp (Third Party Advisory)

Frequently asked questions

What is CVE-2026-33566?: CVE-2026-33566 is a medium-severity vulnerability in Japan Computer Emergency Response Team Coordination Center (Jpcert/cc) Logontracer, classified under Improper Neutralization of Special Elements in Data Query Logic. CVSS score: 4.3/10. Published 2026-04-27.
How severe is CVE-2026-33566?: Medium severity. CVSS v3 base score is 4.3 out of 10.