CVE-2025-26465
high-risk
Published 2025-02-18
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
Do I need to act?
!
73.6% chance of exploitation in next 30 days
EPSS score — higher than 26% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.8/10
Medium
NETWORK
/ HIGH complexity
Affected Products (10)
References (26)
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2025-26465
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=2344780
Mailing List
https://seclists.org/oss-sec/2025/q1/144
Third Party Advisory
https://blog.qualys.com/vulnerabilities-threat-research/2025/02/18/qualys-tru-di...
Issue Tracking
https://bugzilla.suse.com/show_bug.cgi?id=1237040
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/02/msg00020.html
Third Party Advisory
https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-February/000161.h...
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2025-26465
Third Party Advisory
https://security.netapp.com/advisory/ntap-20250228-0003/
Third Party Advisory
https://ubuntu.com/security/CVE-2025-26465
Release Notes
https://www.openssh.com/releasenotes.html#9.9p2
and 6 more references
56
/ 100
high-risk
Severity
21/34 · High
Exploitability
19/34 · Moderate
Exposure
16/34 · Moderate