A vulnerability described as problematic has been identified in GROWI . This impacts an unknown function. Such manipulation leads to inefficient regular expression complexity. This vulnerability is documented as CVE-2026-41040 . The attack can be executed remotely. There is not any exploit available.