LeakyCreds

CVE-2017-20227 - Vulnerability Analysis

Critical | CVSS: 9.8

Last Updated: March 30, 2026

JAD Java Decompiler - Buffer Overflow

Published: March 28, 2026 | Updated: March 30, 2026 | Remote Exploitable

Overview

JAD Java Decompiler <= 1.5.8e-1kali1 contains a stack-based buffer overflow: overly long input exceeds buffer boundaries, letting attackers execute arbitrary code remotely. Exploitation requires crafted malicious input.

Severity & Score

Severity: Critical
CVSS Score: 9.8
EPSS Score: 6.8% (Probability of exploitation in next 30 days)

Impact

Attackers can execute arbitrary code remotely, potentially gaining full control of the affected system.

Mitigation

Update to the latest version of JAD Java Decompiler.

Social Media Activity (1 post)

Yazoul - Cybersecurity Alerts
@Matchbook3469
Mar 29, 2026

🔴 New security advisory: CVE-2017-20227 affects multiple systems. • Impact: Remote code execution or complete system compromise possible • Risk: Attackers can gain full control of affected systems • Mitigation: Patch immediately or isolate affected systems Full breakdown: https://www.yazoul.net/advisory/cve/cve-2017-20227-jad-java-decompiler-buffer-overflow-update-now #Cybersecurity #SecurityPatching #HackerNews


Details

CVE ID: CVE-2017-20227
Severity: Critical
CVSS Score: 9.8
Type: buffer_overflow
Status: unconfirmed
EPSS: 6.8%
Social Posts: 1

CWE

  • CWE-787

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

6.8% (Probability of exploitation in the next 30 days)