Logontracer CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-33277	2 Japan Computer Emergency Response Team Coordination Center (jpcert/cc), Jpcert	2 Logontracer, Logontracer	2026-04-28	N/A
An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user.
CVE-2026-33566	2 Japan Computer Emergency Response Team Coordination Center (jpcert/cc), Jpcert	2 Logontracer, Logontracer	2026-04-28	N/A
There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered.
CVE-2018-16168	1 Jpcert	1 Logontracer	2024-11-21	N/A
LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors.
CVE-2018-16167	1 Jpcert	1 Logontracer	2024-11-21	N/A
LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-16166	1 Jpcert	1 Logontracer	2024-11-21	N/A
LogonTracer 1.2.0 and earlier allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
CVE-2018-16165	1 Jpcert	1 Logontracer	2024-11-21	N/A
Cross-site scripting vulnerability in LogonTracer 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Page 1 of 1.