CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-27787

Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.0%

CVSS Severity

CVSS v3 Score 5.4

References

https://jvn.jp/en/jp/JVN33581068/
https://oss.icz.co.jp/news/?p=1388

Products affected by CVE-2026-27787

Icz » Matcha Sns » Version: Any

cpe:2.3:a:icz:matcha_sns:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-27787

Products

Pricing

Contact Us