113 matches found
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to Improper Restriction of Recursive Entity References in DTDs 'XML Entity...
CVE-2026-31248
Docling's METS GBS backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions XML Bo...
CVE-2026-31247
Docling's JATS XML backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend uses etree.parse to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload XML Bomb. When processed by Doclin...
PT-2026-39617
Name of the Vulnerable Software and Affected Versions Docling versions prior to 2.61.1 Description The JATS XML backend is susceptible to XML Entity Expansion XXE, a type of attack where an XML parser is tricked into processing entities that expand exponentially. This occurs because the backend...
CVE-2026-31247
Docling's JATS XML backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend uses etree.parse to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload XML Bomb. When processed by Doclin...
CVE-2026-31248
Docling's METS GBS backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions XML Bo...
Docling 安全漏洞
Docling is a multi-format document parsing and AI integration tool open-sourced by the Docling Project. Versions of Docling 2.61.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of etree.fromstring to parse XML files without disabling entity parsing,...
Docling 安全漏洞
Docling is an open-source multi-format document parsing and AI integration tool developed by the Docling Project. Versions of Docling 2.61.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of etree.parse to parse XML files without disabling entity parsin...
CVE-2026-31248
CVE-2026-31248 affects Docling's METS GBS backend up to version 2.61.0. The backend parses XML from .tar.gz archives using etree.fromstring() without disabling entity resolution, enabling XML Entity Expansion (XXE) via nested entity definitions (XML Bomb). Processing such a crafted XML can cause ...
CVE-2026-31248
Docling's METS GBS backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions XML Bo...
CVE-2026-31247
Docling's JATS XML backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend uses etree.parse to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload XML Bomb. When processed by Doclin...
CVE-2026-31248
Docling's METS GBS backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions XML Bo...
CVE-2026-31247
Docling’s JATS XML backend (up to version 2.61.0) is vulnerable to XML Entity Expansion (XXE). The backend uses etree.parse() without disabling entity resolution, allowing an attacker to submit a crafted XML with nested entity expansions (XML Bomb). Processing such payloads causes exponential ent...
Server-side Request Forgery (SSRF)
Overview docling-graph is an A tool to convert documents into knowledge graphs using Docling. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the URLInputHandler process. An attacker can access internal network resources or sensitive cloud metadata by...
docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler
Impact The URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the target resolves to a private, loopback, or link-local IP address. The URLValidator only checks for a valid scheme and non-empty netloc, performing no...
GHSA-FQPH-J6V6-JVGX docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler
Impact The URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the target resolves to a private, loopback, or link-local IP address. The URLValidator only checks for a valid scheme and non-empty netloc, performing no...
io.quarkiverse.docling:quarkus-docling (>=0.0.1 <=0.0.4), io.quarkiverse.docling:quarkus-docling-deployment (>=0.0.1 <=0.0.4) +112 more potentially affected by CVE-2026-40180 via io.quarkiverse.openapi.generator:quarkus-openapi-generator (>=0.1.0 <=2.16.0-lts)
io.quarkiverse.openapi.generator:quarkus-openapi-generator MAVEN version =0.1.0, =0.0.1, =0.0.1, =0.1.0, =2.10.0, =0.4.0, =2.10.0, =2.16.0-lts - org.apache.kie.sonataflow:sonataflow-addons-quarkus-camel =10.2.0 - org.apache.kie.sonataflow:sonataflow-addons-quarkus-camel-deployment =10.2.0 -...
Exploit for CVE-2026-24009
docling-core-CVE-2026-24009 T...
datapizza-ai-parsers-azure (=0.0.2), datapizza-ai-parsers-docling (=0.0.2) +1 more potentially affected by CVE-2026-2969 via datapizza-ai-core (=0.0.1)
datapizza-ai-core PYPI version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on datapizza-ai-core and may be impacted: - datapizza-ai-parsers-azure =0.0.2 - datapizza-ai-parsers-docling =0.0.2 - datapizza-ai-tools-duckduckgo =0.0.2 Source cves:...
CVE-2026-24009
Docling Core or docling-core is a library that defines core data types and transformations in the document processing application Docling. A PyYAML-related Remote Code Execution RCE vulnerability, namely CVE-2020-14343, is exposed in docling-core starting in version 2.21.0 and prior to version...