CVE-2026-59235 - Missing authorization in Prospero Flow CRM allows low-privileged users to read all bank accounts
CVE ID :CVE-2026-59235 Published : July 15, 2026, 11:16 a.m. | 1 hour, 17 minutes ago Description :Missing Authorization (CWE-862) in BankAccountListController (app/Http/Controllers/Api/BankAccount/BankAccountListController.php), exposed at GET /api/bank-account, in Prospero Flow CRM <5.5.3,...