PT-2026-59126 · Pypi · Docling-Core

Published

2026-07-13

·

Updated

2026-07-13

CVSS v3.1

8.6

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Impact

In versions >= 1.5.0, < 2.74.1, docling-core did not sufficiently restrict remote request destinations and could resolve a server-provided Content-Disposition to a local path in an unsafe manner.
In applications that accept untrusted URLs, this could allow SSRF attacks targeting local files outside the user-defined cache directory.

Patches

Patched in docling-core 2.74.1. The fix adds stricter validation for remote destinations and normalizes server-provided filenames before use.
Users should upgrade to:
  • docling-core >= 2.74.1

Workarounds

If upgrading is not immediately possible, avoid passing untrusted URLs into remote fetch functionality.

References

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Related Identifiers

PYSEC-2026-2457

Affected Products

Docling-Core