CVE-2026-61460: Authorization Bypass Through User-Controlled Key in krayin laravel-crm
Krayin laravel-crm versions up to 2.2.3 contain an authorization bypass vulnerability due to insecure direct object references in multiple controllers. Authenticated users can exploit missing…
Read the full articleYou might also wanna read

WAF - WAF Release - 2026-04-30 - Emergency
This emergency release introduces a new rule to block a cPanel & WHM Authentication Bypass related to CVE-2026-41940. Key Findings CVE-2026-
'Djinn' Infostealer Campaign Exploits SimpleHelp RMM Vulnerability to Target Cloud and AI Credentials
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
'Djinn' Infostealer Campaign Exploits SimpleHelp RMM Vulnerability to Target Cloud and AI Credentials
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) pro
Critical Authentication Bypass Vulnerability Discovered in cPanel & WHM (CVE-2026-41940)
Hello! Yes, it's all a disaster again! Let's get this party started: 0:00 /0:12 1× No comments today, so imagine this: * We wrote something
watchTowr Labs·2mo ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.