|
- NVD - CVE-2025-26465
This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high
- CVE-2025-26465 - Tenable
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key
- CVE-2025-26465 - OpenLogic
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key
- OpenSSH vulnerability CVE-2025-26465
(CVE-2025-26465) Impact There is no impact; F5 products are not affected by this vulnerability Security Advisory Status F5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable
- How to apply mitigation for CVE-2025-26465? - Red Hat Customer Portal
How to apply mitigation for CVE-2025-26465? Solution Verified - Updated October 23 2025 at 3:46 PM - English
- CVE-2025-26465 : A vulnerability was found in OpenSSH when the . . .
CVE-2025-26465 : A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled A machine-in-the-middle attack can be performed by a malicious machi
- CVE Deep Dive : CVE-2025–26465. OpenSSH “DNS Spoof Slip” —… | by . . .
CVE-2025–26465 allows an active machine-in-the-middle attacker to impersonate legitimate servers by exploiting a flaw in OpenSSH’s DNS-based host key verification
- OpenSSH Vulnerability CVE-2025-26465 reported in Aria Operations
OpenSSH vulnerability CVE-2025-26465 have been identified in Aria Operations nodes and cloud Proxy CVE-2025-26465: This vulnerability is caused by a logic flaw in OpenSSH that could allow a man-in-the-middle (MITM) attacker to impersonate a trusted server when the VerifyHostKeyDNS option is enabled By default, this option is disabled, which
|
|
|