CNNVD-202601-5054 Information

CNNVD ID

CNNVD-202601-5054

Related CVE

CVE-2026-1691

• CNNVD Published: 2026-01-30

Description (Chinese)

bolo-solo是bolo-blog开源的一个博客系统。 bolo-solo 2.6.4及之前版本存在代码问题漏洞，该漏洞源于SnakeYAML组件中文件src/main/java/org/b3log/solo/bolo/prop/BackupService.java的函数importMarkdownsSync存在反序列化问题。

Description (English)

This post is part of our special coverage Global Voices 2011. bolo-solo 2.6.4 and previous versions have a code problem loophole, which stems from the inverse-sequencing of the function of src/main/java/org/b3log/solo/bolo/prop/BackupService.java in SnakeYAML component.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

bolo-blog

Published

2026-01-30

Last Modified

2026-02-24

References

https://github.com/bolo-blog/bolo-solo/issues/325 https://github.com/bolo-blog/bolo-solo/issues/325#issue-3828755519 https://vuldb.com/?ctiid.343485 https://vuldb.com/?id.343485 https://vuldb.com/?submit.741899 https://access.redhat.com/security/cve/cve-2026-1691