WildFly issue WFLY-17747

SnakeYAML is vulnerable to remote code execution


    • Type: Bug
    • Resolution: Won't Do
    • Priority: Major
    • Version: 26.1.2.Final
    • Component: REST

      SnakeYAML is vulnerable to remote code execution (RCE) when used in an application to parse untrusted, user-supplied YAML files. A remote attacker could craft a malicious YAML file that, when deserialized, allows arbitrary command execution on the target system.

      The fix for the above is available in snakeyaml-1.32.jar.

      As of now, WildFly bundles snakeyaml-1.29.jar, which can be seen in the following locations:

      wildfly-26.1.2.Final\modules\system\layers\base\org\yaml\snakeyaml\main

      wildfly-26.1.3.Final\modules\system\layers\base\org\yaml\snakeyaml\main

      We need to bundle the latest snakeyaml jar, which is snakeyaml-1.32.jar.
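As an added check that is not part of this issue, the following Python script walks the module path quoted above (modules/system/layers/<layer>/org/yaml/snakeyaml/main) and reports whether the bundled snakeyaml jar is older than the 1.32 the issue asks for; the installation tree it scans is constructed in a temporary directory, and jar names are assumed to follow the snakeyaml-<version>.jar pattern shown above.

```python
"""Audit a WildFly home for the bundled SnakeYAML version (added example)."""
import os
import re
import tempfile

FIXED_VERSION = "1.32"  # version this issue asks WildFly to bundle
# snakeyaml-1.29.jar, snakeyaml-1.32.redhat-00001.jar, snakeyaml-2.0.jar ...
JAR_RE = re.compile(r"^snakeyaml-(\d+(?:\.\d+)*)(?:[-.].*)?\.jar$")


def parse_version(text):
    """'1.29' -> (1, 29); tuples compare numerically, so 1.32 > 1.29 > 1.4."""
    return tuple(int(p) for p in text.split("."))


def find_snakeyaml_jars(wildfly_home):
    """Return (layer, jar_path, version_tuple) for every snakeyaml jar found."""
    layers = os.path.join(wildfly_home, "modules", "system", "layers")
    found = []
    if not os.path.isdir(layers):
        return found
    for layer in sorted(os.listdir(layers)):  # e.g. "base"
        module_dir = os.path.join(layers, layer, "org", "yaml", "snakeyaml", "main")
        if not os.path.isdir(module_dir):
            continue
        for name in sorted(os.listdir(module_dir)):
            m = JAR_RE.match(name)
            if m:
                found.append((layer, os.path.join(module_dir, name), parse_version(m.group(1))))
    return found


def audit(wildfly_home, fixed=FIXED_VERSION):
    """Return [(jar_path, version_str, needs_upgrade)] for the installation."""
    target = parse_version(fixed)
    return [(path, ".".join(map(str, ver)), ver < target)
            for _, path, ver in find_snakeyaml_jars(wildfly_home)]


def demo(version):
    """Constructed sample tree mirroring the path quoted in the issue; returns audit rows."""
    with tempfile.TemporaryDirectory() as home:
        module_dir = os.path.join(home, "modules", "system", "layers", "base",
                                  "org", "yaml", "snakeyaml", "main")
        os.makedirs(module_dir, exist_ok=True)
        open(os.path.join(module_dir, "module.xml"), "w").close()
        open(os.path.join(module_dir, f"snakeyaml-{version}.jar"), "wb").close()
        return audit(home)


if __name__ == "__main__":
    for path, ver, bad in demo("1.29"):
        print(f"{path}: snakeyaml {ver} -> {'UPGRADE to ' + FIXED_VERSION if bad else 'ok'}")
```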

              Assignee: Brian Stansberry (bstansbe@redhat.com)
              Reporter: Raushan singh (rshan45, Inactive)
              Votes: 0
              Watchers: 3
