Jpcert: >> Logontracer >> 1.3.1 Security Vulnerabilities
There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered.
CVSS Score
5.1
EPSS Score
0.0
Published
2026-04-27
An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user.
CVSS Score
8.7
EPSS Score
0.002
Published
2026-04-27