Vulnerability DatabaseCVE-2025-26465
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2025-26465
Published:February 18, 2025
Updated:May 16, 2026
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
Related Resources (28)
https://www.theregister.com/2025/02/18/openssh_vulnerabilities_mitm_dos/
https://blog.qualys.com/vulnerabilities-threat-research/2025/02/18/qualys-tru-discovers-two-vulnerabilities-in-openssh-cve-2025-26465-cve-2025-26466
https://access.redhat.com/security/cve/CVE-2025-26465
https://security.alpinelinux.org/vuln/CVE-2025-26465
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
https://access.redhat.com/errata/RHSA-2025:8385
https://access.redhat.com/errata/RHSA-2025:3837
https://www.openssh.com/releasenotes.html#9.9p2
https://www.vicarius.io/vsociety/posts/cve-2025-26465-detect-vulnerable-openssh
https://access.redhat.com/solutions/7109879
https://bugzilla.redhat.com/show_bug.cgi?id=2344780
https://seclists.org/oss-sec/2025/q1/144
https://access.redhat.com/errata/RHSA-2025:16823
https://bugzilla.suse.com/show_bug.cgi?id=1237040
https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-February/000161.html
http://seclists.org/fulldisclosure/2025/Feb/18
http://seclists.org/fulldisclosure/2025/May/7
https://www.vicarius.io/vsociety/posts/cve-2025-26465-mitigate-vulnerable-openssh
https://lists.debian.org/debian-lts-announce/2025/02/msg00020.html
https://www.openwall.com/lists/oss-security/2025/02/18/1
https://security.netapp.com/advisory/ntap-20250228-0003/
https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/008_ssh.patch.sig
https://ubuntu.com/security/CVE-2025-26465
https://www.openwall.com/lists/oss-security/2025/02/18/4
https://access.redhat.com/errata/RHSA-2025:6993
http://seclists.org/fulldisclosure/2025/May/8
https://security-tracker.debian.org/tracker/CVE-2025-26465
https://www.openssh.com/security.html
Do you need more information?
Contact Us
CVSS v4
Base Score:
7.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
HIGH
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
6.8
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE
Weakness Type (CWE)
Detection of Error Condition Without Action
CWE-390
EPSS
Base Score:
61.22