CVE-2026-47214
Docling: Unsafe URI and Path Handling in HTML Backend
Description
### Impact

The HTML backend did not perform sufficient validation during resource handling:

- Accepted `file://` URIs enabling local file system access when `enable_local_fetch=True`
- Path resolution allowed traversal outside intended directories via `../` sequences and absolute paths
- Did not block internal network resources under `enable_remote_fetch=True`
- HTTP redirects were not validated, potentially redirecting to unintended schemes
- No resource limits for remote image downloads and `data:` URIs

### Patches

Fixed in versions 2.91.0 (initial fixes) and 2.94.0 (additional improvements). The fixes implement:

- Updated local path treatment: absolute files always blocked, relative paths require `enable_local_fetch=True` (default: False) and containment within configured `base_path` for path traversal protection
- `file://` scheme stripped & treated as local path (above)
- IP address validation to prevent SSRF
- HTTP redirect validation, connection and read timeouts
- Size limit for both remote images (with streaming download) and base64-decoded data URIs

### Workarounds

Keep both `enable_local_fetch=False` and `enable_remote_fetch=False` (defaults) when processing untrusted HTML documents.

### References

- Initial fixes: [v2.91.0](https://github.com/docling-project/docling/releases/tag/v2.91.0)
- Additional improvements: [v2.94.0](https://github.com/docling-project/docling/releases/tag/v2.94.0)
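The checks the advisory lists (absolute local paths always refused, relative paths only with `enable_local_fetch=True` and only inside `base_path`, `file://` stripped and treated as local, non-public addresses refused, redirects restricted to http(s), a size bound on decoded `data:` URIs) fit into a single validator, shown here as an added example. This is not docling's own code: the function names, the `Decision` type, the size limit, the `demo_resolver` table and its sample addresses are all assumptions made for the example.

```python
# Added example (not docling's code): a validator that applies the checks the
# advisory lists to a src/href found in untrusted HTML. Function names, the
# Decision type, the size limit and the sample addresses are all assumptions.
import base64
import ipaddress
import socket
from dataclasses import dataclass
from pathlib import Path, PurePosixPath
from urllib.parse import urlsplit, unquote

MAX_DATA_URI_BYTES = 1_000_000  # constructed limit, not the project's value


@dataclass
class Decision:
    allowed: bool
    kind: str                    # "local", "remote" or "data"
    reason: str
    target: str = ""


def resolve_dns(host: str) -> list[str]:
    """Default resolver: every address the host maps to (uses the network)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def demo_resolver(host: str) -> list[str]:
    """Constructed resolver so the example runs offline; IP literals pass through."""
    table = {"cdn.example.net": ["93.184.216.34"], "intranet.local": ["10.1.2.3"],
             "localhost": ["127.0.0.1"]}
    if host in table:
        return table[host]
    ipaddress.ip_address(host)   # raises ValueError for a non-literal hostname
    return [host]


def _check_local(path_str, base_path, enable_local_fetch) -> Decision:
    rel = PurePosixPath(unquote(path_str))
    if rel.is_absolute():
        return Decision(False, "local", "absolute local paths are always blocked")
    if not enable_local_fetch:
        return Decision(False, "local", "enable_local_fetch is False")
    base = Path(base_path).resolve()
    target = (base / rel).resolve()   # normalises '..' and follows symlinks
    if not target.is_relative_to(base):
        return Decision(False, "local", "path escapes base_path")
    return Decision(True, "local", "contained in base_path", str(target))


def _check_remote(url, enable_remote_fetch, resolve) -> Decision:
    if not enable_remote_fetch:
        return Decision(False, "remote", "enable_remote_fetch is False")
    if not url.hostname:
        return Decision(False, "remote", "URL has no host")
    try:
        addrs = resolve(url.hostname)
    except (OSError, ValueError):
        return Decision(False, "remote", "hostname did not resolve")
    for addr in addrs:           # every address must be globally routable
        if not ipaddress.ip_address(addr).is_global:
            return Decision(False, "remote", f"resolves to internal address {addr}")
    return Decision(True, "remote", "public address", url.geturl())


def _check_data(url) -> Decision:
    header, sep, payload = url.path.partition(",")
    if not sep:
        return Decision(False, "data", "malformed data URI")
    if "base64" in header.split(";"):
        # 4 base64 chars decode to 3 bytes: bound the input before decoding it
        if len(payload) * 3 // 4 > MAX_DATA_URI_BYTES:
            return Decision(False, "data", "decoded size exceeds limit")
        try:
            data = base64.b64decode(payload, validate=True)
        except ValueError:
            return Decision(False, "data", "invalid base64 payload")
    else:
        data = unquote(payload).encode()
    if len(data) > MAX_DATA_URI_BYTES:
        return Decision(False, "data", "decoded size exceeds limit")
    return Decision(True, "data", f"{len(data)} bytes")


def classify_resource(ref, *, base_path, enable_local_fetch=False,
                      enable_remote_fetch=False, resolve=resolve_dns) -> Decision:
    """Decide whether a resource reference from untrusted HTML may be fetched."""
    url = urlsplit(ref)
    scheme = url.scheme.lower()
    if scheme in ("file", ""):   # file:// is stripped and treated as a local path
        if url.netloc not in ("", "localhost"):   # also catches //host/path refs
            return Decision(False, "local", "file URI with a host is refused")
        return _check_local(url.path, base_path, enable_local_fetch)
    if scheme in ("http", "https"):
        return _check_remote(url, enable_remote_fetch, resolve)
    if scheme == "data":
        return _check_data(url)
    return Decision(False, "remote", f"unsupported scheme {scheme!r}")


def validate_redirect(location, *, enable_remote_fetch, resolve=resolve_dns) -> Decision:
    """A redirect target must stay http(s) and pass the same SSRF checks."""
    url = urlsplit(location)
    if url.scheme.lower() not in ("http", "https"):
        return Decision(False, "remote", f"redirect to scheme {url.scheme!r} refused")
    return _check_remote(url, enable_remote_fetch, resolve)


if __name__ == "__main__":
    for ref in ["images/a.png", "../../etc/passwd", "file:///etc/passwd",
                "http://169.254.169.254/latest/", "data:image/png;base64,iVBORw0KGgo="]:
        d = classify_resource(ref, base_path="/srv/docs", enable_local_fetch=True,
                              enable_remote_fetch=True, resolve=demo_resolver)
        print(f"{ref!r:42} allowed={d.allowed} ({d.reason})")
```

With both fetch flags left at their defaults every local and remote reference is refused, which is the workaround the advisory recommends; the remaining checks only matter once a flag is switched on. Two caveats a deployment should keep in mind: `_check_remote` validates the addresses the hostname resolves to at check time, so the HTTP client must connect to those same addresses (re-resolving later reopens the DNS-rebinding window), and the size bound on `data:` URIs is applied to the encoded length before decoding so that an oversized payload is never materialised.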
How to fix CVE-2026-47214
To remediate CVE-2026-47214, upgrade the affected package to a fixed version below.
- upgrade to 2.94.0 or later
Is CVE-2026-47214 being exploited?
No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2026-47214.
Affected packages (1)
- all versions from 0 up to, but not including, 2.94.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH (7.1) | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L |