CVE-2026-33566

Summary

There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered.

Affected Software

VendorProductVersion RangeStatus
Japan Computer Emergency Response Team Coordination Center (JPCERT/CC)LogonTracerprior to v2.0.0affected

Weaknesses

  • CWE-943: Improper Neutralization of Special Elements in Data Query Logic

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References