Lucene search
+L

113 matches found

Snyk
Snyk
added 2026/05/11 5:19 p.m.36 views

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to Improper Restriction of Recursive Entity References in DTDs 'XML Entity...

8.7CVSS5.8AI score0.00278EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 5:16 p.m.15 views

CVE-2026-31248

Docling's METS GBS backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions XML Bo...

7.5CVSS0.00278EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 4:17 p.m.15 views

CVE-2026-31247

Docling's JATS XML backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend uses etree.parse to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload XML Bomb. When processed by Doclin...

7.5CVSS0.00351EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.12 views

PT-2026-39617

Name of the Vulnerable Software and Affected Versions Docling versions prior to 2.61.1 Description The JATS XML backend is susceptible to XML Entity Expansion XXE, a type of attack where an XML parser is tricked into processing entities that expand exponentially. This occurs because the backend...

7.5CVSS6.1AI score0.00351EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/05/11 12:0 a.m.35 views

CVE-2026-31247

Docling's JATS XML backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend uses etree.parse to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload XML Bomb. When processed by Doclin...

0.00351EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/11 12:0 a.m.35 views

CVE-2026-31248

Docling's METS GBS backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions XML Bo...

0.00278EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.16 views

Docling 安全漏洞

Docling is a multi-format document parsing and AI integration tool open-sourced by the Docling Project. Versions of Docling 2.61.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of etree.fromstring to parse XML files without disabling entity parsing,...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

Docling 安全漏洞

Docling is an open-source multi-format document parsing and AI integration tool developed by the Docling Project. Versions of Docling 2.61.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of etree.parse to parse XML files without disabling entity parsin...

7.5CVSS5.8AI score0.00351EPSS
Exploits0References2
CVE
CVE
added 2026/05/11 12:0 a.m.29 views

CVE-2026-31248

CVE-2026-31248 affects Docling's METS GBS backend up to version 2.61.0. The backend parses XML from .tar.gz archives using etree.fromstring() without disabling entity resolution, enabling XML Entity Expansion (XXE) via nested entity definitions (XML Bomb). Processing such a crafted XML can cause ...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/11 12:0 a.m.10 views

CVE-2026-31248

Docling's METS GBS backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions XML Bo...

5.8AI score0.00278EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/11 12:0 a.m.8 views

CVE-2026-31247

Docling's JATS XML backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend uses etree.parse to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload XML Bomb. When processed by Doclin...

5.8AI score0.00351EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/11 12:0 a.m.8 views

CVE-2026-31248

Docling's METS GBS backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions XML Bo...

5.8AI score0.00278EPSS
Exploits0References3
CVE
CVE
added 2026/05/11 12:0 a.m.21 views

CVE-2026-31247

Docling’s JATS XML backend (up to version 2.61.0) is vulnerable to XML Entity Expansion (XXE). The backend uses etree.parse() without disabling entity resolution, allowing an attacker to submit a crafted XML with nested entity expansions (XML Bomb). Processing such payloads causes exponential ent...

7.5CVSS5.8AI score0.00351EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/07 3:15 a.m.36 views

Server-side Request Forgery (SSRF)

Overview docling-graph is an A tool to convert documents into knowledge graphs using Docling. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the URLInputHandler process. An attacker can access internal network resources or sensitive cloud metadata by...

6.9CVSS5.8AI score0.00188EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/07 3:15 a.m.20 views

docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler

Impact The URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the target resolves to a private, loopback, or link-local IP address. The URLValidator only checks for a valid scheme and non-empty netloc, performing no...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/07 3:15 a.m.13 views

GHSA-FQPH-J6V6-JVGX docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler

Impact The URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the target resolves to a private, loopback, or link-local IP address. The URLValidator only checks for a valid scheme and non-empty netloc, performing no...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/04/08 7:14 p.m.8 views

io.quarkiverse.docling:quarkus-docling (>=0.0.1 <=0.0.4), io.quarkiverse.docling:quarkus-docling-deployment (>=0.0.1 <=0.0.4) +112 more potentially affected by CVE-2026-40180 via io.quarkiverse.openapi.generator:quarkus-openapi-generator (>=0.1.0 <=2.16.0-lts)

io.quarkiverse.openapi.generator:quarkus-openapi-generator MAVEN version =0.1.0, =0.0.1, =0.0.1, =0.1.0, =2.10.0, =0.4.0, =2.10.0, =2.16.0-lts - org.apache.kie.sonataflow:sonataflow-addons-quarkus-camel =10.2.0 - org.apache.kie.sonataflow:sonataflow-addons-quarkus-camel-deployment =10.2.0 -...

8.7CVSS5.4AI score0.00387EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/02/26 9:49 a.m.174 views

Exploit for CVE-2026-24009

docling-core-CVE-2026-24009 T...

8.1CVSS5.3AI score0.01376EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/23 6:30 a.m.6 views

datapizza-ai-parsers-azure (=0.0.2), datapizza-ai-parsers-docling (=0.0.2) +1 more potentially affected by CVE-2026-2969 via datapizza-ai-core (=0.0.1)

datapizza-ai-core PYPI version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on datapizza-ai-core and may be impacted: - datapizza-ai-parsers-azure =0.0.2 - datapizza-ai-parsers-docling =0.0.2 - datapizza-ai-tools-duckduckgo =0.0.2 Source cves:...

7.2CVSS5.8AI score0.00686EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/01/23 3:21 p.m.9 views

CVE-2026-24009

Docling Core or docling-core is a library that defines core data types and transformations in the document processing application Docling. A PyYAML-related Remote Code Execution RCE vulnerability, namely CVE-2020-14343, is exposed in docling-core starting in version 2.21.0 and prior to version...

10CVSS7.7AI score0.05984EPSS
Exploits2References1
Rows per page
Query Builder