Russian Vulnerability Scanner Database

Back to List

CVE-2025-26465

Scores

EPSS

0.736medium73.6%
0%20%40%60%80%100%

Percentile: 73.6%

CVSS

6.8medium3.x
0246810

CVSS Score: 6.8/10

All CVSS Scores

CVSS 3.x
6.8

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Description

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client’s memory resource first, turning the attack complexity high.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

astradebiannvdredhatubuntu

CWEs

CWE-390

Related Vulnerabilities

BDU:2025-01959

Exploits

Exploit ID: CVE-2025-26465

Source: github-poc

URL: https://github.com/dolutech/patch-manual-CVE-2025-26465-e-CVE-2025-26466

Vulnerable Software (28)

Type: Configuration

Product: openssh

Operating System: debian

Trait: 
{  "fixed": "1:9.9p2-1"}

Source: debian

Type: Configuration

Product: openssh

Operating System: astra 1.7.7.6

Trait: 
{  "unaffected": true}

Source: astra

Type: Configuration

Product: openssh

Operating System: astra 4.7.7.4

Trait: 
{  "unaffected": true}

Source: astra

Type: Configuration

Product: openssh

Operating System: ubuntu focal 20.04

Trait: 
{  "fixed": "1:8.2p1-4ubuntu0.12"}

Source: ubuntu

Type: Configuration

Product: openssh

Operating System: ubuntu jammy 22.04

Trait: 
{  "fixed": "1:8.9p1-3ubuntu0.11"}

Source: ubuntu

Type: Configuration

Product: openssh

Operating System: ubuntu noble 24.04

Trait: 
{  "fixed": "1:9.6p1-3ubuntu13.8"}

Source: ubuntu

Type: Configuration

Product: openssh

Operating System: ubuntu oracular 24.10

Trait: 
{  "fixed": "1:9.7p1-7ubuntu4.2"}

Source: ubuntu

Type: Configuration

Product: openssh

Operating System: ubuntu plucky 25.04

Trait: 
{  "fixed": "9.9p1-3ubuntu3"}

Source: ubuntu

Type: Configuration

Product: openssh

Operating System: ubuntu questing 25.10

Trait: 
{  "fixed": "9.9p1-3ubuntu3"}

Source: ubuntu

Type: Configuration

Product: openssh-askpass-common-gostcrypto

Operating System: altlinux

Trait: 
{  "fixed": "0:7.9p1-alt4.gost.p10.4"}

Source: redhat

Type: Configuration

Product: openssh-clients-gostcrypto

Operating System: altlinux

Trait: 
{  "fixed": "0:7.9p1-alt4.gost.p10.4"}

Source: redhat

Type: Configuration

Product: openssh-common-gostcrypto

Operating System: altlinux

Trait: 
{  "fixed": "0:7.9p1-alt4.gost.p10.4"}

Source: redhat

Type: Configuration

Product: openssh-gostcrypto

Operating System: altlinux

Trait: 
{  "fixed": "0:7.9p1-alt4.gost.p10.4"}

Source: redhat

Type: Configuration

Product: openssh-keysign-gostcrypto

Operating System: altlinux

Trait: 
{  "fixed": "0:7.9p1-alt4.gost.p10.4"}

Source: redhat

Type: Configuration

Product: openssh-server-control-gostcrypto

Operating System: altlinux

Trait: 
{  "fixed": "0:7.9p1-alt4.gost.p10.4"}

Source: redhat

Type: Configuration

Product: openssh-server-gostcrypto

Operating System: altlinux

Trait: 
{  "fixed": "0:7.9p1-alt4.gost.p10.4"}

Source: redhat

Type: Configuration

Product: openssh-ssh1

Operating System: ubuntu jammy 22.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: openssh-ssh1

Operating System: ubuntu noble 24.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: openssh-ssh1

Operating System: ubuntu oracular 24.10

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: openssh-ssh1

Operating System: ubuntu plucky 25.04

Trait: 
{  "unfixed": true}

Source: ubuntu