HIGH
garybowers
CVE published 2026-06-23
CVE-2026-56115
CVE-2026-56115 is a high-severity vulnerability in Bootimus, a tool for PXE booting and installation. The vulnerability allows authenticated low-privileged users to perform administrative actions by exploiting missing role enforcement in the JWTMiddleware function. This function validates JWT tokens and account status but fails to inspect the is_admin flag. Attackers can send requests to any endpoint unde [truncated]