A vulnerability marked as critical has been reported in enesgkky Pulpy up to 0.1.0 . This affects the function validateFsPath . This manipulation causes path traversal. The identification of this vulnerability is CVE-2026-44225 . It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.