Cyber Posture

CVE-2026-1810

Severity: Medium · Public PoC

Published: 03 February 2026
Modified: 03 March 2026
KEV Added:
Patch:
CVSS Score: 6.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
EPSS Score: 0.0011 (28.8th percentile)
Risk Priority: 13 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

A vulnerability was detected in bolo-blog bolo-solo up to 2.6.4. The impacted element is the function unpackFilteredZip of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component ZIP File Handler. Manipulation of the argument File results in path traversal. The attack can be carried out remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Mitigating Controls (NIST 800-53 r5)

prevent: Directly prevents path traversal by requiring validation of the manipulated File argument in the unpackFilteredZip function during ZIP unpacking.

prevent: Mandates identification, reporting, and correction of the specific path traversal flaw in BackupService.java through timely patching.

prevent: Enforces least privilege on the backup service process to restrict access and limit damage from path traversal to only authorized directories.

Security Summary

CVE-2026-1810 is a path traversal vulnerability (CWE-22) affecting bolo-blog's bolo-solo application up to version 2.6.4. The issue resides in the unpackFilteredZip function within the ZIP File Handler component, specifically in the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java. By manipulating the File argument, attackers can exploit this flaw remotely; the issue is scored CVSS 6.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

A remote attacker with low privileges (PR:L) can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation enables limited impacts on confidentiality, integrity, and availability, allowing path traversal to access or manipulate files outside the intended directory during ZIP unpacking operations.

Advisories from VulDB (ctiid.343978, id.343978) detail the issue, noting that an exploit is publicly available and the project was notified early via GitHub issue #326 in the bolo-blog/bolo-solo repository, but has not yet responded or released patches. Security practitioners should monitor the repository and issue tracker for updates, restrict access to backup services, and consider disabling or isolating ZIP handling features until mitigation is available.

The exploit code is public, increasing the risk of active targeting, though no confirmed real-world exploitation has been reported as of the CVE publication on 2026-02-03.

Details

CWE(s)

Affected Products

adlered bolo-solo ≤ 2.6.4

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

The path traversal vulnerability sits in a public-facing web application (bolo-solo), so it directly enables remote exploitation of a public-facing application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References