CVE-2026-56115 garybowers CVE debrief

Who should care

Administrators and users of Bootimus, especially those who have not updated to the latest version, should be aware of this vulnerability. The vulnerability allows attackers to gain full control of the server, which could lead to unauthorized access and modification of sensitive data. Users of Bootimus should take immediate action to patch this vulnerability.

Technical summary

The vulnerability is caused by missing role enforcement in the JWTMiddleware function in internal/auth/auth.go. The function validates JWT tokens and account status but fails to inspect the is_admin flag. This allows authenticated low-privileged users to perform administrative actions. The vulnerability can be exploited by sending requests to any endpoint under the /api/users path. The vulnerability has a CVSS score of 8.7 and is classified as HIGH.

Defensive priority

High priority should be given to patching this vulnerability as it allows attackers to gain full control of the server. Administrators should take immediate action to update Bootimus to the latest version.

Recommended defensive actions

• Update Bootimus to the latest version
• Review and modify the JWTMiddleware function to inspect the is_admin flag
• Restrict access to the /api/users path
• Monitor for suspicious activity on the server
• Implement additional security measures to prevent similar vulnerabilities

Evidence notes

The vulnerability was reported by Vulncheck and is classified as CWE-862. The CVE record and NVD detail can be found at https://www.cve.org/CVERecord?id=CVE-2026-56115 and https://nvd.nist.gov/vuln/detail/CVE-2026-56115 respectively.

Official resources