cleantalk
Vulnerabilities and Security Researches

Knit Pay – Instamojo, Razorpay, Cashfree, Stripe, Easebuzz, UPI QR, CCAvenue, GoUrl, CVE-2026-49070

CVE, Research URL

CVE-2026-49070

Home page URL

Security reports for Knit Pay – Instamojo, Razorpay, Cashfree, Stripe, Easebuzz, UPI QR, CCAvenue, GoUrl

Application

Knit Pay – Instamojo, Razorpay, Cashfree, Stripe, Easebuzz, UPI QR, CCAvenue, GoUrl

Published on
Jun 16, 2026
Research Description
Unauthenticated Broken Access Control in Knit Pay <= 9.4.0.0 versions.
Affected versions
max 9.4.0.1.
Status
vulnerable
Previous vulnerability researches
Live Support Tickets, Contact Forms, CRM (CVE-2024-49235) , Oct 18, 2024
New vulnerability
Faust.js (CVE-2026-49062) , Jun 18, 2026
Conekta Payment Gateway (CVE-2026-49066) , Jun 18, 2026
Knit Pay &#8211; Instamojo, Razorpay, Cashfree, Stripe, Easebuzz, UPI QR, CCAvenue, GoUrl (CVE-2026-49070) , Jun 18, 2026
Premmerce Dev Tools (CVE-2026-6933) , Jun 17, 2026
Video Conferencing with Zoom (CVE-2026-6964) , Jun 17, 2026