Skip to main content

Remnawave Backend

1 CVEs product

Monthly

CVE-2026-39880 MEDIUM PATCH This Month

Remnawave Backend prior to version 2.7.5 allows authenticated users to bypass HWID device registration limits through a race condition in the device registration logic, enabling subscription resale and excessive traffic consumption. The vulnerability requires valid authentication credentials but affects the integrity of subscription management controls across the system. A vendor-released patch is available in version 2.7.5.

Authentication Bypass Race Condition Remnawave Backend
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

Remnawave Backend prior to version 2.7.5 allows authenticated users to bypass HWID device registration limits through a race condition in the device registration logic, enabling subscription resale and excessive traffic consumption. The vulnerability requires valid authentication credentials but affects the integrity of subscription management controls across the system. A vendor-released patch is available in version 2.7.5.

Authentication Bypass Race Condition Remnawave Backend
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy