Lucene search
K

448 matches found

NVD
NVD
added 2026/06/24 6:17 p.m.9 views

CVE-2026-44022

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2.91.0, he LaTeX backend's handling of \includegraphics, \input, and \include commands lacked path containment validation. Attackers could craft malicio...

5.5CVSS0.00163EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 5:47 p.m.31 views

CVE-2026-44022

Docling’s LaTeX backend (versions 2.73.0–2.91.0) fails to validate path containment for includegraphics, input, and include commands, enabling path traversal to read arbitrary files accessible to the process and potentially embed sensitive data in converted output. The root cause is insufficient ...

5.5CVSS6AI score0.00163EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/24 5:47 p.m.4 views

CVE-2026-44022 Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2.91.0, he LaTeX backend's handling of \includegraphics, \input, and \include commands lacked path containment validation. Attackers could craft malicio...

5.5CVSS6AI score0.00163EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 5:47 p.m.36 views

CVE-2026-44022 Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2.91.0, he LaTeX backend's handling of \includegraphics, \input, and \include commands lacked path containment validation. Attackers could craft malicio...

5.5CVSS0.00163EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.13 views

CVE-2026-49492

Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate untrusted inputs taken from the markdown document - the diagram filename attribute, imported file paths, and the latexengine code-chunk attribute. On Windows, a crafted...

8.8CVSS5.7AI score0.0034EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 6:17 p.m.14 views

CVE-2026-49492

Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate untrusted inputs taken from the markdown document - the diagram filename attribute, imported file paths, and the latexengine code-chunk attribute. On Windows, a crafted...

8.8CVSS0.0034EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/05 5:49 p.m.7 views

CVE-2026-49492

Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate untrusted inputs taken from the markdown document - the diagram filename attribute, imported file paths, and the latexengine code-chunk attribute. On Windows, a crafted...

8.8CVSS5.7AI score0.0034EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/03 9:14 p.m.13 views

Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands

Impact The LaTeX backend's handling of \includegraphics, \input, and \include commands lacked path containment validation. Attackers could craft malicious LaTeX documents with path traversal sequences e.g., ../../../etc/passwd to: - Read arbitrary files from the file system accessible to the...

5.5CVSS5.9AI score0.00163EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/06/03 9:14 p.m.18 views

Directory Traversal

Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to Directory Traversal via the LaTeX backend's handling of \includegraphics...

6.8CVSS6.2AI score0.00163EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.15 views

PT-2026-46084

Impact The LaTeX backend's handling of includegraphics, input, and include commands lacked path containment validation. Attackers could craft malicious LaTeX documents with path traversal sequences e.g., ../../../etc/passwd to: - Read arbitrary files from the file system accessible to the process...

5.5CVSS5.9AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.22 views

PT-2026-46122

Name of the Vulnerable Software and Affected Versions Docling versions prior to 2.91.0 Description The LaTeX backend fails to validate path containment when handling the includegraphics, input, and include commands. This allows attackers to use path traversal sequences, such as ../../../etc/passw...

5.5CVSS5.9AI score0.00163EPSS
Exploits0References9
Veracode
Veracode
added 2026/03/28 5:31 a.m.6 views

Remote Code Execution (RCE)

Indico is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper sanitization of LaTeX input allowing bypass via crafted syntax, which allows an attacker to read local files or execute arbitrary code on the server when LaTeX rendering is enabled...

8.8CVSS6.3AI score0.00782EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:0 p.m.3 views

CVE-2026-33046

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaT...

8.8CVSS5.9AI score0.00782EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/24 12:32 a.m.3 views

Command Injection

Overview indico is a conference lifecycle management and meeting/lecture scheduling tool. Affected versions of this package are vulnerable to Command Injection due to insufficient sanitization of LaTeX syntax. An attacker can execute arbitrary code or access local files by submitting...

8.8CVSS6.3AI score0.00782EPSS
Exploits0References2
NVD
NVD
added 2026/03/23 11:17 p.m.8 views

CVE-2026-33046

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaT...

8.8CVSS0.00782EPSS
Exploits0References6
CVE
CVE
added 2026/03/23 10:45 p.m.19 views

CVE-2026-33046

CVE-2026-33046 affects Indico (event management system) where, in versions prior to 3.3.12, TeXLive/LaTeX sanitizer bypass via specially crafted LaTeX snippets could read local files or execute code with server user privileges when server-side LaTeX rendering is enabled (XELATEX_PATH set). If ser...

8.8CVSS5.9AI score0.00782EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/23 10:45 p.m.2 views

CVE-2026-33046 Indico discloses local files resulting in Remote Code Execution through LaTeX injection

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaT...

7.7CVSS5.9AI score0.00782EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/23 10:45 p.m.3 views

CVE-2026-33046

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaT...

7.7CVSS5.9AI score0.00782EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/03/23 10:45 p.m.2 views

CVE-2026-33046 Indico discloses local files resulting in Remote Code Execution through LaTeX injection

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaT...

7.7CVSS6AI score0.00782EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/03/23 10:45 p.m.25 views

CVE-2026-33046 Indico discloses local files resulting in Remote Code Execution through LaTeX injection

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaT...

7.7CVSS0.00782EPSS
Exploits0References6
Rows per page
Query Builder