Bolo-Solo SnakeYAML Deserialization Vulnerability in BackupService.java

Vulnerability

A deserialization vulnerability has been identified in Bolo-Solo versions through 2.6.4. It lies in the 'importMarkdownsSync' function in 'BackupService.java', which uses the SnakeYAML library to parse the YAML front matter (metadata) of imported Markdown files. The YAML is loaded with a SnakeYAML loader that honours arbitrary type tags, so a document can name any class on the server's classpath and have it instantiated during parsing. A remote attacker who can submit an import file with a crafted YAML payload can therefore execute arbitrary code on the server, because no restriction on the types constructed during deserialization is enforced.
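The following Java snippet is an added example written for this page; it is not code from Bolo-Solo or from SnakeYAML's own sources, and the class and method names ('FrontMatterLoader', 'loadUnsafe', 'loadSafe') are assumptions. It shows the vulnerable pattern described above (a default 'Yaml' instance fed front matter taken from a Markdown file) beside the hardened form ('SafeConstructor', which only builds standard YAML types and rejects '!!' class tags). The tagged sample document is constructed for the demonstration and uses a harmless class to show that the default loader instantiates whatever type the document names.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.yaml.snakeyaml.LoaderOptions;
import org.yaml.snakeyaml.Yaml;
import org.yaml.snakeyaml.constructor.SafeConstructor;
import org.yaml.snakeyaml.error.YAMLException;

/** Added example (not Bolo-Solo code): unsafe vs. safe loading of Markdown front matter. */
public class FrontMatterLoader {

    // Front matter is the leading block delimited by lines consisting of "---".
    private static final Pattern FRONT_MATTER =
            Pattern.compile("\\A---\\R(.*?)\\R---(?:\\R|\\z)", Pattern.DOTALL);

    /** Returns the YAML text between the front-matter delimiters, or null if absent. */
    static String extractFrontMatter(String markdown) {
        Matcher m = FRONT_MATTER.matcher(markdown);
        return m.find() ? m.group(1) : null;
    }

    /**
     * Vulnerable pattern: the default Yaml instance uses the default Constructor,
     * which resolves "!!fully.qualified.ClassName" tags to any class on the
     * classpath and instantiates it. Attacker-controlled input must never reach this.
     */
    static Object loadUnsafe(String yamlText) {
        return new Yaml().load(yamlText);
    }

    /**
     * Hardened pattern: SafeConstructor only constructs standard YAML types
     * (maps, lists, strings, numbers, booleans, nulls, timestamps) and throws on
     * any other tag. The LoaderOptions argument is the SnakeYAML 2.x-compatible
     * signature (it also exists in late 1.x releases).
     */
    static Object loadSafe(String yamlText) {
        Yaml yaml = new Yaml(new SafeConstructor(new LoaderOptions()));
        return yaml.load(yamlText);
    }

    public static void main(String[] args) {
        // Constructed samples: an ordinary exported post, and one whose front matter
        // carries a type tag. java.net.URI is used here only because it is harmless;
        // the point is that the default loader instantiates whatever class is named.
        String benign = "---\ntitle: Hello world\ntags: [blog, java]\n---\nBody text\n";
        String tagged = "---\ntitle: !!java.net.URI [\"http://example.invalid/\"]\n---\nBody text\n";

        // Benign metadata parses to a Map with either loader.
        System.out.println("benign/safe   -> " + loadSafe(extractFrontMatter(benign)));

        // The default loader happily constructs the tagged class.
        Object unsafe = loadUnsafe(extractFrontMatter(tagged));
        System.out.println("tagged/unsafe -> " + unsafe.getClass().getName() + " instantiated");

        // SafeConstructor refuses the tag instead of instantiating the class.
        try {
            loadSafe(extractFrontMatter(tagged));
            System.out.println("tagged/safe   -> UNEXPECTED: loaded");
        } catch (YAMLException e) {
            System.out.println("tagged/safe   -> rejected: " + e.getMessage());
        }
    }
}
```

The fix for code in the position of 'importMarkdownsSync' is the 'loadSafe' shape: construct the 'Yaml' with a 'SafeConstructor' (or, where typed metadata is wanted, a 'Constructor' bound to a single known metadata class), and treat any other tag as a parse error. Upgrading to SnakeYAML 2.x, whose default loader also rejects custom global tags, adds defence in depth but does not remove the need to choose the constructor deliberately.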

Impact

Successful exploitation gives the attacker arbitrary code execution in the context of the Bolo-Solo server process, which can lead to complete compromise of the affected host.

Reproduction

To reproduce this vulnerability, submit a Markdown file whose YAML front matter contains a crafted payload to Bolo-Solo's 'import/markdown' interface. When the import is processed by 'importMarkdownsSync', the front matter is deserialized by SnakeYAML and the payload's type tags are resolved and instantiated, which is where arbitrary code execution occurs.

Added: Jan 30, 2026, 5:19 PM
Updated: Jan 30, 2026, 5:19 PM

Vulnerability Rating

Custom Algorithm

spread:          0.0
impact:          2.5
exploitability:  6.0
remediation:     0.0
relevance:       2.5
threat:          6.4
urgency:         2.9
incentive:       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.