Description
Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks through 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring() without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions (XML Bomb) and package it into a .tar.gz archive. When processed by Docling, the exponential expansion of entities during XML parsing leads to excessive resource consumption, resulting in a denial of service (DoS) condition on the system running the Docling parser.
Published: 2026-05-11
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Docling's METS GBS backend parses XML files stored inside .tar.gz archives by calling etree.fromstring() on each one with a default parser, which leaves entity resolution enabled. An attacker can place a crafted XML file in the archive whose DTD defines a handful of entities that each reference the previous one many times (an XML bomb, also known as "billion laughs"). When the backend parses the file, the parser expands the entities exponentially, consuming CPU and memory until the host becomes unresponsive, which is a denial of service. Despite the "XXE" label in the description, the recorded weakness is CWE-776 (uncontrolled recursive entity expansion) rather than external entity resolution: the CVSS vector records no confidentiality or integrity impact, only availability.

Affected Systems

Docling 2.61.0 and earlier, the versions in which the vulnerable METS GBS backend code is present, are affected. The record names no fixed release; later versions should be treated as unconfirmed until a vendor advisory identifies the patch.

Risk and Exploitability

The CVSS 3.1 score is 7.5 (High) with vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H: the attack is reachable over the network without privileges or user interaction, and its impact is limited to availability. The EPSS score is below 1% and the vulnerability is not in the CISA KEV catalog, so there is no evidence of exploitation in the wild. Exploitation is nonetheless straightforward for anyone who can get a .tar.gz archive processed by the backend, for example through a document upload feature, because the trigger is a small static file that needs no interaction with the target. Organizations should check whether their Docling deployment accepts archives from untrusted sources and weigh the denial-of-service exposure accordingly.

Generated by OpenCVE AI on May 12, 2026 at 22:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a Docling release that disables entity resolution in the METS GBS backend once the vendor publishes one; this record lists no fixed version yet
  • Until then, construct the parser with entity resolution disabled (if the backend uses lxml, pass etree.XMLParser(resolve_entities=False) to fromstring()) or parse with a library that refuses DTDs outright, such as defusedxml
  • Validate uploaded archives before parsing: reject any XML member that declares a DOCTYPE or an entity, and cap the size of each member so a single file cannot exhaust memory
  • Monitor system resource metrics and logs for sudden CPU or memory spikes during document conversion that could indicate an entity expansion attack
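The archive gate recommended above, as an added worked example that is not Docling's code: it walks a .tar.gz in memory, rejects any XML member that declares a DOCTYPE or an entity before any parser reaches its body, caps member size, and only then parses with the standard library. The entity bomb and the clean METS fragment are constructed samples, and MAX_XML_BYTES, reject_dtd, check_archive and build_archive are names chosen here, not Docling APIs. The stdlib expat parser is used so the example runs anywhere; with lxml the parser-side equivalent is to pass etree.XMLParser(resolve_entities=False) to fromstring(), which leaves entity references unexpanded.

```python
"""Gate XML members of a .tar.gz before parsing so an XML bomb is rejected
instead of expanded.  Added example, not Docling project code."""
import io
import tarfile
import xml.etree.ElementTree as ET
from xml.parsers import expat

# Hypothetical per-member size cap; tune to the largest METS file expected.
MAX_XML_BYTES = 10 * 1024 * 1024


class UnsafeXML(ValueError):
    """Raised when an XML member declares a DOCTYPE or an entity."""


def reject_dtd(data: bytes) -> None:
    """Stream the bytes through expat with handlers that abort on the first
    DOCTYPE or <!ENTITY> declaration.  Parsing stops inside the prolog, so
    the document body (and any nested entity references in it) is never
    expanded.  Well-formedness problems surface as expat.ExpatError."""
    parser = expat.ParserCreate()

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXML(f"DOCTYPE not allowed (root {name!r})")

    def on_entity(name, is_pe, value, base, sysid, pubid, notation):
        raise UnsafeXML(f"entity declaration not allowed ({name!r})")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    parser.Parse(data, True)


def check_archive(tgz: bytes, max_bytes: int = MAX_XML_BYTES) -> dict:
    """Return {member name: 'ok' | 'rejected: reason'} for every .xml member.
    Members that pass the gate are parsed with the stdlib parser, which then
    sees only the five predefined entities."""
    outcome = {}
    with tarfile.open(fileobj=io.BytesIO(tgz), mode="r:gz") as tar:
        for member in tar:
            if not (member.isfile() and member.name.lower().endswith(".xml")):
                continue
            # Size check before reading: a single oversized member must not
            # be loaded into memory at all.
            if member.size > max_bytes:
                outcome[member.name] = f"rejected: {member.size} bytes exceeds cap"
                continue
            data = tar.extractfile(member).read(max_bytes + 1)
            try:
                reject_dtd(data)
                ET.fromstring(data)
            except UnsafeXML as exc:
                outcome[member.name] = f"rejected: {exc}"
            except (expat.ExpatError, ET.ParseError) as exc:
                outcome[member.name] = f"rejected: malformed ({exc})"
            else:
                outcome[member.name] = "ok"
    return outcome


def build_archive(members: dict) -> bytes:
    """Pack {name: bytes} into an in-memory .tar.gz (constructed test input)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, payload in members.items():
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


# Constructed samples.  The first is a classic nested-entity bomb inside a
# minimal METS root (seven levels of ten references each); the second is the
# same root with no DTD at all.
XML_BOMB = b"""<?xml version="1.0"?>
<!DOCTYPE mets [
 <!ENTITY a "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa">
 <!ENTITY b "&a;&a;&a;&a;&a;&a;&a;&a;&a;&a;">
 <!ENTITY c "&b;&b;&b;&b;&b;&b;&b;&b;&b;&b;">
 <!ENTITY d "&c;&c;&c;&c;&c;&c;&c;&c;&c;&c;">
 <!ENTITY e "&d;&d;&d;&d;&d;&d;&d;&d;&d;&d;">
 <!ENTITY f "&e;&e;&e;&e;&e;&e;&e;&e;&e;&e;">
 <!ENTITY g "&f;&f;&f;&f;&f;&f;&f;&f;&f;&f;">
]>
<mets xmlns="http://www.loc.gov/METS/"><metsHdr>&g;</metsHdr></mets>
"""

CLEAN_METS = b"""<?xml version="1.0"?>
<mets xmlns="http://www.loc.gov/METS/"><metsHdr CREATEDATE="2026-01-01T00:00:00"/></mets>
"""

if __name__ == "__main__":
    sample = build_archive({"bomb.xml": XML_BOMB, "mets.xml": CLEAN_METS, "page1.txt": b"ocr text"})
    for name, result in check_archive(sample).items():
        print(f"{name}: {result}")
```

The gate runs before the real parser on purpose: a parser option such as resolve_entities=False protects only the call it is attached to, whereas rejecting the DTD at the archive boundary covers every XML consumer downstream, including schema validation, and gives a clear audit log entry naming the offending member.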

Generated by OpenCVE AI on May 12, 2026 at 22:11 UTC.

Advisories

No advisories yet.

History

Tue, 12 May 2026 22:30:00 +0000

Title (added): XML Entity Expansion (XXE) Exploitation Causing DoS in Docling METS GBS Backend

Tue, 12 May 2026 19:15:00 +0000

Weaknesses (added): CWE-776
Metrics (added):
  cvssV3_1: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}
  ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 12 May 2026 10:45:00 +0000

First Time appeared (added): Docling-project; Docling-project docling
Vendors & Products (added): Docling-project; Docling-project docling

Mon, 11 May 2026 16:30:00 +0000

Description (added): Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks thru 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring() without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions (XML Bomb) and package it into a .tar.gz archive. When processed by Docling, the exponential expansion of entities during XML parsing leads to excessive resource consumption, resulting in a denial of service (DoS) condition on the system running the Docling parser.
References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-12T18:44:28.080Z

Reserved: 2026-03-09T00:00:00.000Z

Link: CVE-2026-31248

Vulnrichment

Updated: 2026-05-12T18:44:23.530Z

NVD

Status : Received

Published: 2026-05-11T17:16:19.647

Modified: 2026-05-12T19:16:30.620

Link: CVE-2026-31248

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T22:15:25Z

Weaknesses