CVE-2026-44022: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in docling-project docling
Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2.91.0, the LaTeX backend's handling of \includegraphics, \input, and \include commands lacked path containment validation. Attackers could craft malicious LaTeX documents with path traversal sequences to read arbitrary files from the file system accessible to the process, include sensitive files in the converted document output, or potentially access configuration files, credentials, or other sensitive data. This vulnerability is fixed in 2.91.0.
AI Analysis
Technical Summary
CVE-2026-44022 is a path traversal vulnerability in docling-project's docling software affecting versions >=2.73.0 and <2.91.0. The vulnerability arises from improper validation of file paths in the LaTeX backend's handling of \includegraphics, \input, and \include commands. Attackers can exploit this by crafting malicious LaTeX documents containing path traversal sequences to read arbitrary files on the filesystem accessible to the docling process. This can lead to unauthorized disclosure of sensitive files or configuration data. The vulnerability has a CVSS 3.1 base score of 5.5 (medium severity) and is fixed in version 2.91.0.
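As an added example (not docling's code and not the 2.91.0 fix itself), here is a path containment check of the kind the advisory says was missing: each \input, \include and \includegraphics argument is resolved against the document's base directory and rejected if it lands outside it. The regex, the sample LaTeX document and the base directory name `docs` are constructed for illustration.

```python
import re
from pathlib import Path

# Constructed pattern for the three commands named in the advisory; the optional
# [...] argument of \includegraphics is skipped before the braced path.
_INCLUDE_RE = re.compile(
    r"\\(includegraphics|input|include)\s*(?:\[[^\]]*\])?\s*\{([^}]*)\}"
)

# Constructed base directory; it does not need to exist for resolve() to work.
BASE_DIR = Path.cwd() / "docs"

# Constructed sample document mixing legitimate and traversal-style references.
SAMPLE_TEX = r"""
\documentclass{article}
\begin{document}
\input{chapters/intro}
\includegraphics[width=0.5\textwidth]{figures/../diagram.png}
\include{../../etc/passwd}
\includegraphics{/etc/hostname}
\input{../docs-private/notes}
\end{document}
"""


def referenced_paths(tex_source: str) -> list[tuple[str, str]]:
    """Return (command, argument) pairs for every include-style command."""
    return [(m.group(1), m.group(2).strip()) for m in _INCLUDE_RE.finditer(tex_source)]


def is_contained(base_dir: Path, target: str) -> bool:
    """True only if target, joined to base_dir and normalised, stays inside base_dir.

    Joining an absolute target replaces the base, so absolute paths fail the
    check; '..' segments are collapsed by resolve(). Comparing against the
    parents sequence (not a string prefix) keeps a sibling such as
    'docs-private' from being accepted as if it were inside 'docs'.
    """
    root = base_dir.resolve()
    candidate = (root / target).resolve()
    return candidate == root or root in candidate.parents


def check_document(tex_source: str, base_dir: Path) -> dict:
    """Partition the document's file references into allowed and rejected."""
    allowed, rejected = [], []
    for cmd, arg in referenced_paths(tex_source):
        (allowed if is_contained(base_dir, arg) else rejected).append((cmd, arg))
    return {"allowed": allowed, "rejected": rejected}


def demo() -> dict:
    return check_document(SAMPLE_TEX, BASE_DIR)
```

A converter would consult the rejected list before opening any file; the check is the same regardless of which of the three commands carried the path.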
Potential Impact
Exploitation allows an attacker with the ability to process malicious LaTeX documents through docling to read arbitrary files on the host filesystem accessible to the docling process. This can result in unauthorized disclosure of sensitive information such as configuration files or credentials. There is no indication of integrity or availability impact. No known exploits in the wild have been reported.
Mitigation Recommendations
Upgrade docling to version 2.91.0 or later, where the vulnerability is fixed. No other official remediation or temporary fixes are documented. Patch status is not explicitly stated as 'official-fix' in the input, but the description confirms the issue is fixed in 2.91.0.
CVSS v3.1
Score 5.5 (medium)
Affected software
pkg:github/docling-project/docling
Weaknesses
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-05-04T21:24:36.506Z
- CVSS Version: 3.1
- State: PUBLISHED
- Remediation Level: null
Threat ID: 6a3c19c5eed863c81e395106
Added to database: 06/24/2026, 17:54:13 UTC
Last enriched: 06/24/2026, 18:10:31 UTC
Last updated: 06/24/2026, 19:23:42 UTC