A vulnerability, which was classified as critical, was found in krayin laravel-crm up to 2.2.3. Affected is an unknown function of the component Record Management Controllers. Executing a manipulation can lead to improper control of resource identifiers.

This vulnerability is handled as CVE-2026-61460. The attack can be executed remotely. There is not any exploit available.