Understanding and Mitigating Unsafe Remote Filename Resolution in Docling Core
A vulnerability in Docling Core, tracked as CVE-2026-44023, allows for unsafe remote filename resolution, potentially leading to SSRF attacks. This issue affects versions >= 1.5.0 and < 2.74.1 of docling-core. The vulnerability has been patched in version 2.74.1.