CVE-2026-44017: Docling: Unsafe Zip Extraction in EasyOCR Model Download

June 3, 2026

In versions < 2.91.0, The EasyOCR model download functionality extracted ZIP archives without validating member paths, enabling Zip Slip attacks. If an attacker could compromise the model download source (via supply chain attack, DNS spoofing, or MITM), they could write arbitrary files to any location writable by the process, potentially achieving:

Remote code execution by overwriting Python files or system binaries
Persistent backdoors by modifying startup scripts or SSH keys
Data corruption or system compromise

References

github.com/advisories/GHSA-cjqg-rq2h-2fvj
github.com/docling-project/docling/releases/tag/v2.91.0
github.com/docling-project/docling/security/advisories/GHSA-cjqg-rq2h-2fvj
nvd.nist.gov/vuln/detail/CVE-2026-44017

Code Behaviors & Features

Detect and mitigate CVE-2026-44017 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →