CRITICAL
wg-easy
CVE published 2026-07-16
CVE-2026-63089
WireGuard Easy through version 15.3.0 is vulnerable to a cryptographically weak one-time link token generation vulnerability. This vulnerability allows unauthenticated network attackers to recover WireGuard peer credentials by brute-forcing a keyspace of at most 1000 candidate tokens per client ID. The token is computed using CRC32 over a random value constrained to 0-999. Attackers can enumerate candidat [truncated]