{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-47214: Docling: Unsafe URI and Path Handling in HTML Backend","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-47214","status":"final","version":"1","initial_release_date":"2026-06-26T15:45:04.659Z","current_release_date":"2026-06-26T18:41:52.977Z","revision_history":[{"date":"2026-06-26T15:45:04.659Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.94.0, the HTML backend has unsafe URI and path handling. This vulnerability is fixed in 2.94.0.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-47214 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-47214"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-47214"},{"category":"external","summary":"https://github.com/docling-project/docling/security/advisories/GHSA-q29v-xc37-wh5m","url":"https://github.com/docling-project/docling/security/advisories/GHSA-q29v-xc37-wh5m"},{"category":"external","summary":"https://github.com/docling-project/docling/releases/tag/v2.94.0","url":"https://github.com/docling-project/docling/releases/tag/v2.94.0"}]},"product_tree":{"branches":[{"category":"vendor","name":"docling-project","branches":[{"category":"product_name","name":"docling","branches":[{"category":"product_version","name":"< 2.94.0","product":{"name":"docling-project docling < 2.94.0","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:docling-project:docling:\\<_2.94.0:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-47214","title":"Docling: Unsafe URI and Path Handling in HTML Backend","notes":[{"category":"description","text":"Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.94.0, the HTML backend has unsafe URI and path handling. This vulnerability is fixed in 2.94.0.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L","baseScore":7.1,"baseSeverity":"HIGH"},"products":["CSAFPID-1"]}],"remediations":[{"category":"none_available","details":"No fixed version is published yet. Monitor the upstream advisory.","product_ids":["CSAFPID-1"]}]}]}