High severity8.1NVD Advisory· Published Jan 22, 2026· Updated Apr 9, 2026

CVE-2026-24009

Description

Docling Core (or docling-core) is a library that defines core data types and transformations in the document processing application Docling. A PyYAML-related Remote Code Execution (RCE) vulnerability, namely CVE-2020-14343, is exposed in docling-core starting in version 2.21.0 and prior to version 2.48.4, specifically only if the application uses pyyaml prior to version 5.4 and invokes docling_core.types.doc.DoclingDocument.load_from_yaml() passing it untrusted YAML data. The vulnerability has been patched in docling-core version 2.48.4. The fix mitigates the issue by switching PyYAML deserialization from yaml.FullLoader to yaml.SafeLoader, ensuring that untrusted data cannot trigger code execution. Users who cannot immediately upgrade docling-core can alternatively ensure that the installed version of PyYAML is 5.4 or greater.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
docling-corePyPI	>= 2.21.0, < 2.48.4	2.48.4

Affected products

Docling/Docling Core
cpe:2.3:a:docling:docling-core:*:*:*:*:*:python:*:*
Range: >=2.21.0,<2.48.4

Patches

3e8d628eeeae

fix: switch to safe YAML loader (#396)

https://github.com/docling-project/docling-corePanos VagenasOct 1, 2025via ghsa

commit

2 files changed · +2 −2

docling_core/types/doc/document.py+1 −1 modified

@@ -4354,7 +4354,7 @@ def load_from_yaml(cls, filename: Union[str, Path]) -> "DoclingDocument":
         if isinstance(filename, str):
             filename = Path(filename)
         with open(filename, encoding="utf-8") as f:
-            data = yaml.load(f, Loader=yaml.FullLoader)
+            data = yaml.load(f, Loader=yaml.SafeLoader)
         return DoclingDocument.model_validate(data)
 
     def export_to_dict(

test/test_docling_doc.py+1 −1 modified

@@ -1973,7 +1973,7 @@ def test_export_with_precision():
             yaml.dump(act_data, f, default_flow_style=False)
     else:
         with open(exp_file, "r", encoding="utf-8") as f:
-            exp_data = yaml.load(f, Loader=yaml.FullLoader)
+            exp_data = yaml.load(f, Loader=yaml.SafeLoader)
         assert act_data == exp_data

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/docling-project/docling-core/commit/3e8d628eeeae50f0f8f239c8c7fea773d065d80cnvdPatchWEB
github.com/docling-project/docling-core/security/advisories/GHSA-vqxf-v2gg-x3hcnvdMitigationPatchVendor AdvisoryWEB
github.com/advisories/GHSA-8q59-q68h-6hv4nvdNot ApplicableADVISORY
github.com/advisories/GHSA-vqxf-v2gg-x3hcghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2026-24009ghsaADVISORY
github.com/docling-project/docling-core/issues/482nvdIssue TrackingWEB
github.com/docling-project/docling-core/releases/tag/v2.48.4nvdProductRelease NotesWEB

News mentions

No linked articles in our index yet.

cvss	0.526
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000