diff --git a/cbor/src/main/java/com/fasterxml/jackson/dataformat/cbor/CBORFactory.java b/cbor/src/main/java/com/fasterxml/jackson/dataformat/cbor/CBORFactory.java
index c7b290c9f..912bb55c5 100644
--- a/cbor/src/main/java/com/fasterxml/jackson/dataformat/cbor/CBORFactory.java
+++ b/cbor/src/main/java/com/fasterxml/jackson/dataformat/cbor/CBORFactory.java
@@ -425,6 +425,8 @@ protected JsonParser _createParser(char[] data, int offset, int len, IOContext c
     @Override
     protected CBORParser _createParser(byte[] data, int offset, int len, IOContext ctxt) throws IOException
     {
+        // [core#1548] Validate doc length up front for fixed buffers
+        _streamReadConstraints.validateDocumentLength(len);
         return new CBORParserBootstrapper(ctxt, data, offset, len).constructParser(
                 _factoryFeatures, _parserFeatures, _formatParserFeatures,
                 _objectCodec, _byteSymbolCanonicalizer);
diff --git a/cbor/src/test/java/com/fasterxml/jackson/dataformat/cbor/gen/constraints/LongDocumentCBORReadTest.java b/cbor/src/test/java/com/fasterxml/jackson/dataformat/cbor/gen/constraints/LongDocumentCBORReadTest.java
index 3dcda72e6..28d73f05d 100644
--- a/cbor/src/test/java/com/fasterxml/jackson/dataformat/cbor/gen/constraints/LongDocumentCBORReadTest.java
+++ b/cbor/src/test/java/com/fasterxml/jackson/dataformat/cbor/gen/constraints/LongDocumentCBORReadTest.java
@@ -8,18 +8,19 @@
 
 import com.fasterxml.jackson.core.*;
 import com.fasterxml.jackson.core.exc.StreamConstraintsException;
-import com.fasterxml.jackson.databind.ObjectMapper;
+
 import com.fasterxml.jackson.dataformat.cbor.CBORFactory;
 import com.fasterxml.jackson.dataformat.cbor.CBORTestBase;
+import com.fasterxml.jackson.dataformat.cbor.databind.CBORMapper;
 
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.junit.jupiter.api.Assertions.fail;
 
 public class LongDocumentCBORReadTest extends CBORTestBase
 {
-    private final ObjectMapper MAPPER_VANILLA = cborMapper();
+    private final CBORMapper MAPPER_VANILLA = cborMapper();
 
-    private final ObjectMapper MAPPER_CONSTRAINED = cborMapper(
+    private final CBORMapper MAPPER_CONSTRAINED = cborMapper(
             CBORFactory.builder()
             // limit to 100kB doc reads
                 .streamReadConstraints(StreamReadConstraints.builder()
@@ -32,13 +33,20 @@ public void testLongDocumentConstraint() throws Exception
     {
         // Need a bit longer than minimum since checking is approximate, not exact
         byte[] doc = createBigDoc(60_000);
-        // Must read from `InputStream` as validation is during "loadMore()":
-        try (JsonParser p = MAPPER_CONSTRAINED.createParser(new ByteArrayInputStream(doc))) {
+        _testLongDocumentConstraint(doc, true);
+        // [dataformats-binary#649] fixed buffer too
+        _testLongDocumentConstraint(doc, false);
+    }
+
+    private void _testLongDocumentConstraint(byte[] doc, boolean stream) throws Exception
+    {
+        try (JsonParser p = stream
+                ? MAPPER_CONSTRAINED.createParser(new ByteArrayInputStream(doc))
+                : MAPPER_CONSTRAINED.createParser(doc, 0, doc.length)) {
             while (p.nextToken() != null) { }
             fail("expected StreamConstraintsException");
         } catch (StreamConstraintsException e) {
             final String msg = e.getMessage();
-
             assertTrue(msg.contains("Document length ("));
             assertTrue(msg.contains("exceeds the maximum allowed (50000"));
         }
diff --git a/release-notes/VERSION-2.x b/release-notes/VERSION-2.x
index c991548af..974664cb8 100644
--- a/release-notes/VERSION-2.x
+++ b/release-notes/VERSION-2.x
@@ -18,6 +18,8 @@ Active maintainers:
 
 #645: (avro) Remove use of Avro `Schema.Parser().setValidate()` to allow
   use of Avro core 1.12.1 (2.x)
+#649: (cbor, smile) `StreamReadConstraints.maxDocumentLength` not checked
+  when creating parser with fixed buffer
 
 2.21.0 (18-Jan-2026)
 
diff --git a/smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileFactory.java b/smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileFactory.java
index b389960ca..8be6251b1 100644
--- a/smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileFactory.java
+++ b/smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileFactory.java
@@ -458,6 +458,8 @@ protected JsonParser _createParser(char[] data, int offset, int len, IOContext c
     @Override
     protected SmileParser _createParser(byte[] data, int offset, int len, IOContext ctxt) throws IOException
     {
+        // [core#1548] Validate doc length up front for fixed buffers
+        _streamReadConstraints.validateDocumentLength(len);
         return new SmileParserBootstrapper(ctxt, data, offset, len).constructParser(
                 _factoryFeatures, _parserFeatures, _smileParserFeatures,
                 _objectCodec, _byteSymbolCanonicalizer);
diff --git a/smile/src/test/java/com/fasterxml/jackson/dataformat/smile/constraints/LongDocumentSmileReadTest.java b/smile/src/test/java/com/fasterxml/jackson/dataformat/smile/constraints/LongDocumentSmileReadTest.java
index b3ba4ddbd..bfc20a2e8 100644
--- a/smile/src/test/java/com/fasterxml/jackson/dataformat/smile/constraints/LongDocumentSmileReadTest.java
+++ b/smile/src/test/java/com/fasterxml/jackson/dataformat/smile/constraints/LongDocumentSmileReadTest.java
@@ -8,7 +8,6 @@
 
 import com.fasterxml.jackson.core.*;
 import com.fasterxml.jackson.core.exc.StreamConstraintsException;
-import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.dataformat.smile.BaseTestForSmile;
 import com.fasterxml.jackson.dataformat.smile.SmileFactory;
 import com.fasterxml.jackson.dataformat.smile.databind.SmileMapper;
@@ -17,9 +16,9 @@
 
 public class LongDocumentSmileReadTest extends BaseTestForSmile
 {
-    private final ObjectMapper MAPPER_VANILLA = new SmileMapper();
+    private final SmileMapper MAPPER_VANILLA = new SmileMapper();
 
-    private final ObjectMapper MAPPER_CONSTRAINED = new SmileMapper(
+    private final SmileMapper MAPPER_CONSTRAINED = new SmileMapper(
             SmileFactory.builder()
             // limit to 100kB doc reads
                 .streamReadConstraints(StreamReadConstraints.builder()
@@ -32,13 +31,20 @@ public void testLongDocumentConstraint() throws Exception
     {
         // Need a bit longer than minimum since checking is approximate, not exact
         byte[] doc = createBigDoc(60_000);
-        // Must read from `InputStream` as validation is during "loadMore()":
-        try (JsonParser p = MAPPER_CONSTRAINED.createParser(new ByteArrayInputStream(doc))) {
+        _testLongDocumentConstraint(doc, true);
+        // [dataformats-binary#649] fixed buffer too
+        _testLongDocumentConstraint(doc, false);
+    }
+
+    private void _testLongDocumentConstraint(byte[] doc, boolean stream) throws Exception
+    {
+        try (JsonParser p = stream
+                ? MAPPER_CONSTRAINED.createParser(new ByteArrayInputStream(doc))
+                : MAPPER_CONSTRAINED.createParser(doc, 0, doc.length)) {
             while (p.nextToken() != null) { }
             fail("expected StreamConstraintsException");
         } catch (StreamConstraintsException e) {
             final String msg = e.getMessage();
-
             assertTrue(msg.contains("Document length ("));
             assertTrue(msg.contains("exceeds the maximum allowed (50000"));
         }