Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.94.0, the HTML backend has unsafe URI and path handling. This vulnerability is fixed in 2.94.0.
References
| Link | Resource |
|---|---|
| https://github.com/docling-project/docling/releases/tag/v2.94.0 | Patch |
| https://github.com/docling-project/docling/security/advisories/GHSA-q29v-xc37-wh5m | Vendor Advisory Mitigation Patch |
Configurations
History
02 Jul 2026, 14:00
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:docling:docling:*:*:*:*:*:python:*:* | |
| First Time |
Docling
Docling docling |
|
| References | () https://github.com/docling-project/docling/releases/tag/v2.94.0 - Patch | |
| References | () https://github.com/docling-project/docling/security/advisories/GHSA-q29v-xc37-wh5m - Vendor Advisory, Mitigation, Patch |
26 Jun 2026, 16:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-26 16:16
Updated : 2026-07-02 14:00
NVD link : CVE-2026-47214
Mitre link : CVE-2026-47214
CVE.ORG link : CVE-2026-47214
JSON object : View
Products Affected
docling
- docling
