| CVE-2026-31248 |
high |
7.5 |
7.5 |
|
|
|
24d ago |
Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks |
| CVE-2026-31247 |
high |
7.5 |
7.5 |
|
|
|
24d ago |
Docling's JATS XML backend is vulnerable to XML Entity Expansion (XXE) attacks |
| CVE-2026-47214 |
unknown |
— |
— |
|
|
|
18h ago |
Docling: Unsafe URI and Path Handling in HTML Backend |
| CVE-2026-44022 |
unknown |
— |
— |
|
|
|
18h ago |
Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands |
| CVE-2026-44020 |
unknown |
— |
— |
|
|
|
18h ago |
Docling: Unsafe XML Entity Expansion in USPTO Patent Backend |
| CVE-2026-44018 |
unknown |
— |
— |
|
|
|
18h ago |
Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend |
| CVE-2026-44016 |
unknown |
— |
— |
|
|
|
18h ago |
Docling: Unsafe Playwright-based HTML Rendering |
| CVE-2026-44017 |
unknown |
— |
— |
|
|
|
19h ago |
Docling: Unsafe Zip Extraction in EasyOCR Model Download |
