A vulnerability, which was classified as problematic, was found in pathwaycom pathway up to 0.31.1. The affected element is an unknown function of the file /v1/retrieve of the component HTTP Endpoint. Such manipulation of the argument filepath_globpattern leads to inefficient algorithmic complexity.

This vulnerability is documented as CVE-2026-59094. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.