Description
A vulnerability was detected in bolo-blog bolo-solo up to 2.6.4. The impacted element is the function unpackFilteredZip of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component ZIP File Handler. Performing a manipulation of the argument File results in path traversal. The attack is possible to be carried out remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-02-03
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote Path Traversal
Action: Patch Now
AI Analysis

Impact

The vulnerability exists in the ZIP File Handler of bolo-solo, where the unpackFilteredZip function fails to validate destination paths when extracting archive entries. A crafted entry name passed through the File argument causes the extracted file to be written outside the intended directory, enabling attackers to overwrite arbitrary files or read sensitive data. The flaw is remotely exploitable and carries a moderate score for damage potential, meaning an attacker may compromise the confidentiality and integrity of system files.

Affected Systems

The affected product is bolo-blog's bolo-solo package; all installations up to version 2.6.4 are impacted. No official patch version had been disclosed at the time of writing, and the product remains listed as vulnerable until a corrected release is applied.

Risk and Exploitability

The CVSS score of 5.3 places the issue in the moderate band, while the EPSS rating of <1% suggests that automated exploitation is currently unlikely, though the vulnerability is public. It is not flagged in the CISA KEV catalog, but the remote attack vector and lack of vendor response mean that a determined adversary could still leverage this path traversal to tamper with configuration or application files, especially if the API endpoint is reachable from the internet.

Generated by OpenCVE AI on April 18, 2026 at 00:04 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Check for an official patch or new release of bolo-solo and install it if available, ensuring the installed package version is later than 2.6.4.
  • Configure the ZIP extraction routine to run in a sandboxed directory with strict permissions, so even if traversal occurs the files cannot overwrite critical system files.
  • Disable or restrict remote access to the API endpoint that triggers unpackFilteredZip, allowing only trusted internal hosts to submit ZIP archives.
  • Add explicit validation of extracted file names to reject paths containing '../' or absolute paths before extraction.
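As an added example (not bolo-solo's own code), the check the last bullet describes, in Java: each entry's destination is resolved and normalized against the extraction root, and anything that resolves outside it, whether via '../' components or an absolute name, is refused before any write. The class name, method names and the suffix filter are hypothetical.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;

/**
 * Added example, not bolo-solo's code: extract a ZIP only into destDir and
 * refuse any entry whose resolved path escapes it (CWE-22, "Zip Slip").
 * Class name, method names and the suffix filter are hypothetical.
 */
public final class SafeZipExtractor {
    /** Resolve entryName against destDir and verify the result stays inside it. */
    static Path resolveInside(Path destDir, String entryName) throws IOException {
        Path root = destDir.toAbsolutePath().normalize();
        // resolve() keeps an absolute entry name as-is and normalize() folds
        // "a/../../b", so a single prefix check covers both traversal forms.
        Path target = root.resolve(entryName).normalize();
        if (!target.startsWith(root)) {
            throw new IOException("ZIP entry escapes destination directory: " + entryName);
        }
        return target;
    }

    /** Unpack entries ending in allowedSuffix; any traversal attempt aborts extraction. */
    public static int unpackFiltered(InputStream in, Path destDir, String allowedSuffix)
            throws IOException {
        Files.createDirectories(destDir);
        int written = 0;
        try (ZipInputStream zip = new ZipInputStream(in)) {
            ZipEntry entry;
            while ((entry = zip.getNextEntry()) != null) {
                // Validate the destination before any filesystem write.
                Path target = resolveInside(destDir, entry.getName());
                if (entry.isDirectory()) {
                    Files.createDirectories(target);
                } else if (entry.getName().endsWith(allowedSuffix)) {
                    Files.createDirectories(target.getParent());
                    Files.copy(zip, target, StandardCopyOption.REPLACE_EXISTING);
                    written++;
                }
                zip.closeEntry();
            }
        }
        return written;
    }
}
```

Rejecting the whole archive on the first bad entry, rather than skipping it, is deliberate: a backup that contains a traversal entry is not a backup worth partially restoring.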

Advisories

No advisories yet.

History

Tue, 03 Mar 2026 01:00:00 +0000

Type                 Values Removed   Values Added
First Time appeared  -                Adlered; Adlered bolo-solo
CPEs                 -                cpe:2.3:a:adlered:bolo-solo:*:*:*:*:*:*:*:*
Vendors & Products   -                Adlered; Adlered bolo-solo

Wed, 04 Feb 2026 12:15:00 +0000

Type                 Values Removed   Values Added
First Time appeared  -                Bolo-blog; Bolo-blog bolo-solo
Vendors & Products   -                Bolo-blog; Bolo-blog bolo-solo

Tue, 03 Feb 2026 21:15:00 +0000

Type      Values Removed   Values Added
Metrics   -                ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 03 Feb 2026 20:45:00 +0000

Type         Values Removed   Values Added
Description  -                A vulnerability was detected in bolo-blog bolo-solo up to 2.6.4. The impacted element is the function unpackFilteredZip of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component ZIP File Handler. Performing a manipulation of the argument File results in path traversal. The attack is possible to be carried out remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Title        -                bolo-blog bolo-solo ZIP File BackupService.java unpackFilteredZip path traversal
Weaknesses   -                CWE-22
References   -
Metrics      -                cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
                              cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
                              cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
                              cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T09:15:31.194Z

Reserved: 2026-02-03T14:03:44.422Z

Link: CVE-2026-1810

Vulnrichment

Updated: 2026-02-03T20:46:11.895Z

NVD

Status: Analyzed

Published: 2026-02-03T21:16:12.617

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-1810

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T00:15:31Z

Weaknesses