Description
Docling's JATS XML backend is vulnerable to XML Entity Expansion (XXE) attacks thru 2.61.0. The backend uses etree.parse() to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload (XML Bomb). When processed by Docling, the exponential expansion of entities leads to excessive resource consumption, resulting in a denial of service (DoS) condition on the system running the Docling parser.
Published: 2026-05-11
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Docling’s JATS XML backend performs XML parsing by calling etree.parse() without disabling entity resolution, which allows an attacker to create a malicious XML file that contains a deeply nested entity expansion payload, commonly known as an XML bomb. When the parser processes such a file, the exponential expansion of entities consumes excessive CPU and memory resources. This resource exhaustion can halt the Docling service or, in the worst case, bring the entire system running the parser to a halt, effectively creating a denial of service condition.

Affected Systems

The vulnerability exists in the Docling JATS XML backend up through version 2.61.0. No other vendors or products are listed; the issue affects whichever installations of Docling use the default XML parsing routine. The exact vendor and product details are limited to the Docling project itself.

Risk and Exploitability

The attack requires an attacker to supply a crafted XML file to the Docling backend; this could be achieved through any interface that accepts XML content, such as APIs or command‑line inputs. The CVSS score is 7.5, and the EPSS score is < 1%, but the nature of the flaw suggests it is exploitable by anyone with write access to the XML ingest path. The vulnerability is not listed in CISA’s KEV catalog, but it can still cause significant operational impact if left unmitigated.

Generated by OpenCVE AI on May 12, 2026 at 23:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Docling to the latest release that includes hardening of the XML parser, such as disabling entity resolution before parsing.
  • If an upgrade is not immediately possible, isolate the XML ingestion endpoint so that only trusted users can submit XML and monitor system resource usage closely.
  • In any custom integration code, replace etree.parse() calls with a parser that explicitly disables external entity resolution, for example by using the lxml.etree.XMLParser with resolve_entities=False.

Generated by OpenCVE AI on May 12, 2026 at 23:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 13 May 2026 00:15:00 +0000

Type Values Removed Values Added
Title XML Entity Expansion Vulnerability in Docling JATS Backend Causes Denial of Service

Tue, 12 May 2026 22:30:00 +0000

Type Values Removed Values Added
Title XML Entity Expansion in Docling JATS XML Backend Causes Denial of Service
Weaknesses CWE-606
CWE-749

Tue, 12 May 2026 19:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-400
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 12 May 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Docling-project
Docling-project docling
Vendors & Products Docling-project
Docling-project docling

Mon, 11 May 2026 17:00:00 +0000

Type Values Removed Values Added
Title XML Entity Expansion in Docling JATS XML Backend Causes Denial of Service
Weaknesses CWE-606
CWE-749

Mon, 11 May 2026 15:30:00 +0000

Type Values Removed Values Added
Description Docling's JATS XML backend is vulnerable to XML Entity Expansion (XXE) attacks thru 2.61.0. The backend uses etree.parse() to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload (XML Bomb). When processed by Docling, the exponential expansion of entities leads to excessive resource consumption, resulting in a denial of service (DoS) condition on the system running the Docling parser.
References

Subscriptions

Docling-project Docling
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-12T18:42:55.864Z

Reserved: 2026-03-09T00:00:00.000Z

Link: CVE-2026-31247

cve-icon Vulnrichment

Updated: 2026-05-12T18:42:50.900Z

cve-icon NVD

Status : Received

Published: 2026-05-11T16:17:29.743

Modified: 2026-05-12T19:16:30.443

Link: CVE-2026-31247

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-13T00:00:17Z

Weaknesses