CVE-2026-31248 | Docling up to 2.61.0 XML Parser etree.fromstring xml external entity reference

A vulnerability was found in Docling up to 2.61.0. It has been classified as problematic. This vulnerability affects the function etree.fromstring of the component XML Parser. The manipulation leads to xml external entity reference.

This vulnerability is uniquely identified as CVE-2026-31248. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More