Open-Source Security Intelligence

Know every vulnerability
before it knows you.

DevGuard continuously monitors your dependencies and alerts you when CVEs like this one affect your stack — with real-time threat intelligence built for developers.

Checkout DevGuard View on GitHub

GHSA-r3xg-rg9j-67fv

MediumCVSS 5.5 / 10

Published Jun 3, 2026·Last modified Jun 3, 2026

Affected Components(1)

docling

2.45.0 – 2.91.0

Description

Impact

The METS-GBS backend's XML parsing and the input document format detection lacked security controls, enabling:

XML External Entity (XXE) attacks to read local files or cause denial of service
Decompression bombs (zip bombs) to exhaust memory and disk space
Unbounded archive extraction consuming system resources

An attacker could craft malicious METS-GBS archives that, when processed, could read sensitive files, exhaust system resources, or cause application crashes.

Patches

Fixed in version 2.91.0. The fix implements:

Secure XML parsing with resolve_entities=False, load_dtd=False, and no_network=True
Configurable limits: 300 MB total extraction size, 10 MB per file, 1000 member count
Cumulative size tracking across all extractions
Early termination when limits are exceeded
Secure format detection of METS-GBS tar archives with _detect_mets_gbs() method: maximum file size (10 MB per file), maximum member count (1000 members), and exception handling to gracefully fail when limits are exceeded

Workarounds

Avoid processing METS-GBS archives from untrusted sources. If necessary, pre-validate archives in an isolated environment with resource limits.

References

Fix release: v2.91.0

Risk Scores

Base Score

5.5

The vulnerability requires local access to the device to be exploited. It is easy for an attacker to exploit this vulnerability. An attacker does not need any special privileges or access rights. The attacker needs the user to perform some action, like clicking a link. The impact is confined to the system where the vulnerability exists. There is a high impact on the availability of the system.

Threat Intelligence

5.1

Exploitation attempts have been detected. Elevated vigilance and prompt remediation are advised.

EPSS

N/A

Probability that this vulnerability will be exploited in the wild within the next 30 days.

Exploit

Not available

We did not find any exploit available. Neither in GitHub repositories nor in the Exploit-Database.

Browse More

Medium severity

Scan your project

Continuously monitor your dependencies and get alerted when vulnerabilities like this one affect your stack.