[HIGH] Webkul Krayin CRM has Broken Object-Level Authorization (BOLA) in the /Contact/Persons/PersonController.php

PKSA-2w9z-jxqd-y35k CVE-2026-38532 GHSA-2xx8-j85v-j7wh

Affected package: krayin/laravel-crm

Affected version: <=2.2.0

Reported by:
GitHub