{"data":{"id":"7fa0cbb9-70b6-4a95-bb30-33dde0f6b654","title":"CVE-2026-44018: Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecos","summary":"Docling is a tool that processes documents in different formats and connects them with AI systems. Versions 2.45.0 through 2.91.0 had security flaws in how they parsed METS-GBS archives (a type of compressed document file), allowing attackers to craft malicious files that could steal sensitive data, use up system resources, or crash the application.","solution":"This vulnerability is fixed in version 2.91.0. Users should update to this version or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-44018","publishedAt":"2026-06-26T16:16:30.767Z","cveId":"CVE-2026-44018","cweIds":["CWE-409","CWE-611","CWE-776"],"cvssScore":"5.5","cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service","data_extraction"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Docling"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","attackVector":"local","attackComplexity":"low","privilegesRequired":"none","userInteraction":"required","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-06-26T16:16:30.767Z","capecIds":["CAPEC-197"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}