Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 7:15 p.m.6 views

CVE-2026-44016

A flaw was found in Docling. If the HTML backend is explicitly configured for rendering, a remote attacker could exploit a vulnerability in the Playwright-based rendering feature by crafting malicious HTML documents. This could allow the attacker to execute arbitrary JavaScript or make unauthoriz...

8.2CVSS6.3AI score0.00384EPSS
Exploits0References5
OSV
OSV
added 2026/06/24 5:42 p.m.3 views

CVE-2026-44016 Docling: Unsafe Playwright-based HTML Rendering

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. FIn versions = 2.82.0, 2.91.0, if the HTML backend was explicitly configured for rendering rendering option by default deactivated, then the Playwright-based rendering...

8.2CVSS6.7AI score0.00384EPSS
Exploits0References7
CVE
CVE
added 2026/06/24 5:42 p.m.33 views

CVE-2026-44016

Docling (Python SDK) versions 2.82.0–2.90.x are affected when the HTML backend is explicitly enabled for rendering. The Playwright-based rendering had a vulnerability that could allow JavaScript execution and unrestricted network access in the rendering context for untrusted HTML, enabling potent...

8.2CVSS6.7AI score0.00384EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/03 9:9 p.m.10 views

GHSA-PJ2V-GGQH-CMQ2 Docling: Unsafe Playwright-based HTML Rendering

Impact In versions = 2.82.0, 2.91.0, if the HTML backend was explicitly configured for rendering rendering option by default deactivated, then the Playwright-based rendering feature could allow JavaScript execution and unrestricted network access when processing untrusted HTML documents. An...

8.2CVSS6.5AI score0.00384EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/03 9:9 p.m.18 views

Docling: Unsafe Playwright-based HTML Rendering

Impact In versions = 2.82.0, 2.91.0, if the HTML backend was explicitly configured for rendering rendering option by default deactivated, then the Playwright-based rendering feature could allow JavaScript execution and unrestricted network access when processing untrusted HTML documents. An...

8.2CVSS6.5AI score0.00384EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.15 views

PT-2026-46103

Impact In versions = 2.82.0, 2.91.0, if the HTML backend was explicitly configured for rendering rendering option by default deactivated, then the Playwright-based rendering feature could allow JavaScript execution and unrestricted network access when processing untrusted HTML documents. An...

8.2CVSS6.5AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.21 views

PT-2026-46118

Name of the Vulnerable Software and Affected Versions Docling versions 2.82.0 through 2.90.x Description When the HTML backend is explicitly configured for rendering, the Playwright-based rendering feature allows JavaScript execution and unrestricted network access during the processing of...

8.2CVSS6.7AI score0.00384EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-2427

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00523EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-2232

Malicious code in bioql PyPI...

3.1CVSS6.4AI score0.0037EPSS
Exploits0References4
Rows per page
Query Builder