5.1
CVE-2026-33566
- EPSS 0.18%
- Veröffentlicht 27.04.2026 00:16:20
- Zuletzt bearbeitet 28.04.2026 18:15:39
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
Apache Camel: Inbound Header Filter Missing in MailHeaderFilterStrategy Allows Remote Code Execution via MIME Header Injection (CVE-2025-30177 Variant)
There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Jpcert ≫ Logontracer Version < 2.0.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.073 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| vultures@jpcert.or.jp | 5.1 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| vultures@jpcert.or.jp | 4.3 | 2.8 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
|
CWE-943 Improper Neutralization of Special Elements in Data Query Logic
The product generates a query intended to access or manipulate data in a data store such as a database, but it does not neutralize or incorrectly neutralizes special elements that can modify the intended logic of the query.
https://jvn.jp/en/jp/JVN57877356/
https://www.jpcert.or.jp/press/2026/PR20260423.html