pkg:PyPI/docling

All known vulnerabilities

• HIGH7.5CVE-2026-31248Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks
  from 0, <= 2.61.0
• HIGH7.5CVE-2026-31247Docling's JATS XML backend is vulnerable to XML Entity Expansion (XXE) attacks
  from 0, <= 2.61.0
• MEDIUM5.5CVE-2026-44022Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands
  >= 2.73.0, < 2.91.0