CVE Catalog

CVE-2026-44016

HighCVSS 8.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.38%

30th percentile - higher than 30% of all known CVEs

Summary

A vulnerability in Docling versions 2.82.0 through 2.91.0 allows arbitrary JavaScript execution and unrestricted network access when processing untrusted HTML documents with the Playwright-based rendering feature enabled. An attacker can exploit this for SSRF attacks, data exfiltration, or remote code execution in the rendering environment.

Risk Assessment

The organization risks compromise of the rendering environment, leakage of sensitive data, and attacks on internal network services, potentially leading to severe security breaches and system integrity issues.

Recommendation

Immediately upgrade Docling to version 2.91.0 or later. Until upgraded, disable the Playwright-based HTML rendering option.

Original NVD description (English source)

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. FIn versions >= 2.82.0, < 2.91.0, if the HTML backend was explicitly configured for rendering (rendering option by default deactivated), then the Playwright-based rendering feature could allow JavaScript execution and unrestricted network access when processing untrusted HTML documents. An attacker could craft malicious HTML that executes arbitrary JavaScript in the rendering context or makes unauthorized network requests to internal services, potentially leading to SSRF attacks, data exfiltration, or remote code execution in the rendering environment. This vulnerability is fixed in 2.91.0.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS