Every CVE whose affected-product data names Jpcert Logontracer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2018-16167 — CVSS 9.8 (critical): LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-16168 — CVSS 9.8 (critical): LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors.
CVE-2018-16166 — CVSS 8.8 (high): LogonTracer 1.2.0 and earlier allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
CVE-2026-33277 — CVSS 8.8 (high): An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user.
CVE-2018-16165 — CVSS 6.1 (medium): Cross-site scripting vulnerability in LogonTracer 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via…
CVE-2026-33566 — CVSS 4.3 (medium): There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of…