VYPR
High severityNVD Advisory· Published Jun 3, 2026· Updated Jun 3, 2026

Docling: Unsafe Playwright-based HTML Rendering

CVE-2026-44016

Description

Impact

In versions >= 2.82.0, < 2.91.0, if the HTML backend was explicitly configured for rendering (rendering option by default deactivated), then the Playwright-based rendering feature could allow JavaScript execution and unrestricted network access when processing untrusted HTML documents. An attacker could craft malicious HTML that executes arbitrary JavaScript in the rendering context or makes unauthorized network requests to internal services, potentially leading to SSRF attacks, data exfiltration, or remote code execution in the rendering environment.

Patches

Fixed in version 2.91.0. The rendering context now explicitly disables JavaScript execution (java_script_enabled=False) and implements network isolation controls. When enable_remote_fetch is disabled, the browser operates in offline mode, preventing all network requests.

Workarounds

Refrain from using render_page=True when processing untrusted HTML documents.

### References - Fix release: v2.91.0

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
doclingPyPI
>= 2.82.0, < 2.91.02.91.0

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

1