VYPR
Vendor: Docling Project

Products: 2
CVEs: 12
Across products: 14
Status: Private

Recent CVEs (12)
  • CVE-2026-31248 | High | May 11, 2026
    risk 0.49 | CVSS 7.5 | EPSS 0.00

    Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks through 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring() without disabling entity resolution. An attacker can craft a malicious XML file with nested…

  • CVE-2026-31247 | High | May 11, 2026
    risk 0.49 | CVSS 7.5 | EPSS 0.00

    Docling's JATS XML backend is vulnerable to XML Entity Expansion (XXE) attacks through 2.61.0. The backend uses etree.parse() to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload (XML Bomb).…

  • CVE-2026-24009 | High | Jan 22, 2026
    risk 0.46 | CVSS 8.1 | EPSS 0.01

    Docling Core (or docling-core) is a library that defines core data types and transformations in the document processing application Docling. A PyYAML-related Remote Code Execution (RCE) vulnerability, namely CVE-2020-14343, is exposed in docling-core starting in version 2.21.0…

  • CVE-2026-44023 | High | Jun 3, 2026
    risk 0.38 | CVSS n/a | EPSS 0.00

    Impact: In versions `>= 1.5.0, < 2.74.1`, `docling-core` did not sufficiently restrict remote request destinations and could resolve a server-provided `Content-Disposition` to a local path in an unsafe manner. In applications that accept untrusted URLs, this could allow SSRF…

  • CVE-2026-44019 | High | Jun 3, 2026
    risk 0.38 | CVSS n/a | EPSS 0.00

    Impact: In versions `>= 2.5.0, < 2.74.1`, `docling-core` could allow local `file://` image references and accepted inline `data:` content without a decoded-size limit. In applications that accept untrusted image references, this may allow access to local files readable by…

  • CVE-2026-47214 | High | Jun 3, 2026
    risk 0.38 | CVSS n/a | EPSS 0.00

    Impact: The HTML backend did not perform sufficient validation during resource handling:
    - Accepted `file://` URIs, enabling local file system access when `enable_local_fetch=True`
    - Path resolution allowed traversal outside intended directories via `../` sequences and…

  • CVE-2026-44020 | High | Jun 3, 2026
    risk 0.38 | CVSS n/a | EPSS 0.00

    Impact: The USPTO patent XML parser used the standard `xml.sax.parseString()` without protection against XML External Entity (XXE) attacks. An attacker could craft malicious USPTO patent XML files with external entity references that could:
    - Read arbitrary files from the…

  • CVE-2026-44016 | High | Jun 3, 2026
    risk 0.38 | CVSS n/a | EPSS 0.00

    Impact: In versions `>= 2.82.0, < 2.91.0`, if the HTML backend was explicitly configured for rendering (the rendering option is deactivated by default), then the Playwright-based rendering feature could allow JavaScript execution and unrestricted network access when processing…

  • CVE-2026-44017 | High | Jun 3, 2026
    risk 0.38 | CVSS n/a | EPSS 0.00

    Impact: In versions `< 2.91.0`, the EasyOCR model download functionality extracted ZIP archives without validating member paths, enabling Zip Slip attacks. If an attacker could compromise the model download source (via supply chain attack, DNS spoofing, or MITM), they could…

  • CVE-2026-44520 | Medium | May 14, 2026
    risk 0.30 | CVSS 5.7 | EPSS 0.00

    Docling-Graph turns documents into validated Pydantic objects, then builds a directed knowledge graph with explicit semantic relationships. Prior to 1.5.1, the URLInputHandler class in docling_graph/core/input/handlers.py makes HTTP requests to user-supplied URLs without…

  • CVE-2026-44022 | Jun 3, 2026
    risk 0.00 | CVSS n/a | EPSS 0.00

    Impact: The LaTeX backend's handling of `\includegraphics`, `\input`, and `\include` commands lacked path containment validation. Attackers could craft malicious LaTeX documents with path traversal sequences (e.g., `../../../etc/passwd`) to:
    - Read arbitrary files from the…

  • CVE-2026-44018 | Jun 3, 2026
    risk 0.00 | CVSS n/a | EPSS 0.00

    Impact: The METS-GBS backend's XML parsing and the input document format detection lacked security controls, enabling:
    - XML External Entity (XXE) attacks to read local files or cause denial of service
    - Decompression bombs (zip bombs) to exhaust memory and disk space
    - …