CVE-2025-26465

MEDIUM

CVSS v3

6.8

MEDIUM

EPSS Score

61.6%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

Technical Details

Published
2/18/2025

Frequently Asked Questions

What is CVE-2025-26465?

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

Is CVE-2025-26465 actively exploited?

Active exploitation of CVE-2025-26465 has not been confirmed. The EPSS score is 61.6%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2025-26465?

CVE-2025-26465 has a CVSS v3 base score of 6.8 (MEDIUM severity).

Is CVE-2025-26465 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.