Description
A vulnerability has been found in bolo-solo up to 2.6.4. This impacts the function importMarkdownsSync of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component SnakeYAML. Such manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Published: 2026-01-30
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote Deserialization
Action: Assess Impact
AI Analysis

Impact

A flaw was discovered in the importMarkdownsSync function of the BackupService component of bolo‑solo, which uses SnakeYAML to deserialize data supplied to the function. The deserialization process accepts untrusted input and can produce arbitrary objects, enabling remote attackers to influence the program’s execution flow and potentially execute malicious code in the context of the deployed application. The vulnerability is not a denial‑of‑service issue; instead, it provides a path for an attacker to run code on the host that runs the vulnerable application. The weakness is a classic deserialization of untrusted data coupled with improper input validation.

Affected Systems

All installations of the bolo‑solo application up to and including version 2.6.4 are vulnerable. The issue appears in the source file src/main/java/org/b3log/solo/bolo/prop/BackupService.java and is triggered by the importMarkdownsSync operation. Users with recent releases beyond 2.6.4 are presumed to be unaffected, though the exact patch version is not specified in the advisory.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity. The EPSS score is reported as less than 1%, implying a very low probability of exploitation at present. The vulnerability is not listed in the CISA KEV catalog. An attacker needs a remote entry point that reaches importMarkdownsSync, so protecting or disabling that endpoint reduces the attack surface. Although the flaw can lead to remote code execution, the low exploitation probability suggests that patching should be scheduled promptly but need not be treated as an emergency where remediation cannot be applied without risk to service availability.

Generated by OpenCVE AI on April 18, 2026 at 01:04 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade bolo‑solo to a version that resolves the importMarkdownsSync deserialization flaw, or, if the update is not available, replace the vulnerable SnakeYAML dependency with a version that blocks unsafe deserialization.
  • Restrict or disable external access to the API or interface that invokes importMarkdownsSync to prevent remote triggering of the deserialization process.
  • Implement input validation or a safe‑deserialization mechanism on the data passed to importMarkdownsSync, ensuring only trusted, well‑formed YAML is processed.
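As an added illustration of the third action (not bolo-solo's own code and not part of the OpenCVE record): a front-matter loader that uses SnakeYAML's SafeConstructor, which builds only the core YAML types and refuses any global (!!) tag before a class name is ever resolved. The class name, the flat front-matter shape, the placeholder tag and the SnakeYAML 1.33+ LoaderOptions constructor are assumptions; SnakeYAML 2.x already rejects global tags by default.

```java
import java.util.Map;
import org.yaml.snakeyaml.LoaderOptions;
import org.yaml.snakeyaml.Yaml;
import org.yaml.snakeyaml.constructor.ConstructorException;
import org.yaml.snakeyaml.constructor.SafeConstructor;

// Hypothetical helper: parses the YAML front matter of an imported Markdown
// file into a flat map of scalars. SafeConstructor replaces the default
// Constructor, so a tagged node can no longer instantiate an arbitrary class.
public class SafeFrontMatter {

    public static Map<String, Object> load(String yamlText) {
        LoaderOptions opts = new LoaderOptions();
        opts.setAllowDuplicateKeys(false);
        opts.setMaxAliasesForCollections(10); // also bounds alias expansion
        // SafeConstructor knows only str, int, float, bool, null, seq, map, ...;
        // any !!some.Class tag raises ConstructorException.
        Yaml yaml = new Yaml(new SafeConstructor(opts));
        Object doc = yaml.load(yamlText);
        if (!(doc instanceof Map)) {
            throw new IllegalArgumentException("front matter must be a YAML mapping");
        }
        @SuppressWarnings("unchecked")
        Map<String, Object> map = (Map<String, Object>) doc;
        // Application-level validation: only scalar values are meaningful here.
        for (Map.Entry<String, Object> e : map.entrySet()) {
            Object v = e.getValue();
            if (v != null && !(v instanceof String || v instanceof Number || v instanceof Boolean)) {
                throw new IllegalArgumentException("unexpected value type for key '" + e.getKey() + "'");
            }
        }
        return map;
    }

    public static void main(String[] args) {
        // Constructed sample: an ordinary front-matter block is accepted.
        Map<String, Object> ok = load("title: Hello\ndate: '2026-01-30'\ntags: blog\n");
        System.out.println("accepted: " + ok);

        // Constructed sample: a global tag is refused before any class lookup.
        // com.example.Anything is a placeholder, not a real class.
        try {
            load("title: Hello\nextra: !!com.example.Anything {}\n");
        } catch (ConstructorException ex) {
            System.out.println("rejected: " + ex.getMessage());
        }
    }
}
```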

Advisories

No advisories yet.

History

Tue, 03 Mar 2026 01:15:00 +0000

No values removed. Values added:
  First Time appeared: Adlered; Adlered bolo-solo
  CPEs: cpe:2.3:a:adlered:bolo-solo:*:*:*:*:*:*:*:*
  Vendors & Products: Adlered; Adlered bolo-solo

Tue, 03 Feb 2026 15:00:00 +0000

No values removed. Values added:
  First Time appeared: Bolo-blog; Bolo-blog bolo-solo
  Vendors & Products: Bolo-blog; Bolo-blog bolo-solo

Fri, 30 Jan 2026 20:15:00 +0000

No values removed. Values added:
  Metrics (ssvc): {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 30 Jan 2026 17:15:00 +0000

No values removed. Values added:
  Description: A vulnerability has been found in bolo-solo up to 2.6.4. This impacts the function importMarkdownsSync of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component SnakeYAML. Such manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
  Title: bolo-solo SnakeYAML BackupService.java importMarkdownsSync deserialization
  Weaknesses: CWE-20; CWE-502
  References:
  Metrics (cvssV2_0): {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:C'}
  Metrics (cvssV3_0): {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C'}
  Metrics (cvssV3_1): {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C'}
  Metrics (cvssV4_0): {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T09:10:21.991Z

Reserved: 2026-01-30T07:59:47.772Z

Link: CVE-2026-1691

Vulnrichment

Updated: 2026-01-30T19:25:59.433Z

NVD

Status : Analyzed

Published: 2026-01-30T17:16:14.150

Modified: 2026-03-03T01:09:37.490

Link: CVE-2026-1691

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T01:15:05Z

Weaknesses