VIR Vulnerability Intelligence Relay

Package impact

PIP / docling

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-31248 high 7.5 7.5 18d ago Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks
CVE-2026-31247 high 7.5 7.5 19d ago Docling's JATS XML backend is vulnerable to XML Entity Expansion (XXE) attacks