CVE-2026-39880 Remnawave Backend has a race condition in HWID device limit allows bypassing max devices

Remnawave Backend is the backend for the Remnawave proxy and user management solution. Prior to 2.7.5, a glitch in the HWID device registration logic allows an authenticated user to bypass the configured limit for HWID devices and register more devices than expected, allowing them to resell...

CVE-2026-39880

Remnawave Backend vulnerability CVE-2026-39880 affects the Remnawave Backend (HWID device registration logic). Before version 2.7.5, an authenticated user can bypass the HWID device limit and register more devices, enabling subscription resales and excessive traffic. Root cause: a race condition ...

CVE-2026-39880 Remnawave Backend has a race condition in HWID device limit allows bypassing max devices

Remnawave Backend is the backend for the Remnawave proxy and user management solution. Prior to 2.7.5, a glitch in the HWID device registration logic allows an authenticated user to bypass the configured limit for HWID devices and register more devices than expected, allowing them to resell...

EUVD-2026-20620

Remnawave Backend is the backend for the Remnawave proxy and user management solution. Prior to 2.7.5, a glitch in the HWID device registration logic allows an authenticated user to bypass the configured limit for HWID devices and register more devices than expected, allowing them to resell...

Device limit per user in Enrollment profiles not being enforced MAM-only

Enrollment Profiles has been set to limit users on specific delivery groups to a certain limit of devices per user. This should prevent people on these delivery groups from activating Secure Hub on more devices than they are allowed. However, these users are still able to activate with no...

Unable to enroll more than two devices per user to XenMobile Server

When trying to enroll an iOS device with an user account that already has 2 devices enrolled, the enrollment would fail during the 2nd profile installation, with the following error message :Profile installation failed -A connection to the server could not be established On Android, the same...

dhcpd buffer overrun

The specific flaw exists within the parsing of the DHCP options in a DHCP ACK packet. The vulnerability is triggered when the LENGTH of an option, when added to the current read position, exceeds the actual length of the DHCP options buffer. An attacker can leverage this vulnerability to execute...

qemu: buffer overflow in scsi_target_emulate_report_luns

Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command...