Tag

Bola

1 brief RSS

Webkul Krayin CRM BOLA Vulnerability (CVE-2026-38529)

CVE-2026-38529 is a Broken Object-Level Authorization (BOLA) vulnerability in Webkul Krayin CRM v2.2.x that allows authenticated attackers to reset user passwords and take over accounts.

bola cve-2026-38529 krayin-crm account-takeover

2r 1t 1c 2w ago