CVE-2026-44023
Received Received - Intake

SSRF via Unsafe Content-Disposition in Docling Core

Vulnerability report for CVE-2026-44023, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-16

Last updated on: 2026-07-16

Assigner: GitHub, Inc.

Description

Docling Core defines core data types and transformations for the document processing application Docling. In versions 1.5.0 and above, prior to 2.74.1, docling-core did not sufficiently restrict remote request destinations and could resolve a server-provided Content-Disposition to a local path in an unsafe manner. In applications that accept untrusted URLs, this could allow SSRF attacks targeting local files outside the user-defined cache directory. This issue has been fixed in version 2.74.1.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-16
Last Modified
2026-07-16
Generated
2026-07-17
AI Q&A
2026-07-17
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
docling docling_core to 2.74.1 (exc)
docling docling_core 2.74.1

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

Docling Core versions 1.5.0 to 2.74.0 have a security flaw where remote requests are not properly restricted. The system could incorrectly resolve a server-provided Content-Disposition header to a local file path outside the intended cache directory. This allows Server-Side Request Forgery (SSRF) attacks targeting local files.

Detection Guidance

To detect this vulnerability, check if your Docling Core version is between 1.5.0 and 2.74.0. Run: docling-core --version. If the version is in this range, the system is vulnerable. Additionally, inspect applications using Docling Core for untrusted URL handling that could lead to SSRF attacks.

Impact Analysis

If you use an application that accepts untrusted URLs with this vulnerable version of Docling Core, attackers could trick the system into accessing local files. This may lead to unauthorized data exposure, file manipulation, or further network compromise depending on the application's context.

Compliance Impact

This vulnerability could violate compliance requirements by enabling unauthorized access to sensitive local files, potentially exposing personal or confidential data. GDPR and HIPAA both mandate protection of personal data, and such breaches could result in regulatory penalties or loss of trust.

Mitigation Strategies

Upgrade Docling Core to version 2.74.1 or later to address the SSRF vulnerability. If upgrading is not immediately possible, restrict network access to untrusted URLs and validate all Content-Disposition headers to prevent local path resolution.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44023. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart