MiracleLinux 9 : openssh-8.7p1-45.el9.ML.1 (AXSA:2025-10048:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10048:02 advisory. openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : openssh-8.0p1-26.el8_10 (AXSA:2025-10918:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10918:05 advisory. openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 Tenable has extracted the preceding description block directly from the...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2026-1009)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin:Vulnerability in OpenSSH affects IBM Netezza Appliance

Summary The OpenSSH package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-26465 Vulnerability Details CVEID:CVE-2025-26465 DESCRIPTION: A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle...

Siemens SIMATIC S7-1500 Detection of Error Condition Without Action (CVE-2025-26465)

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. Fo...

Advisory ROSA-SA-2025-3074

Software: openssh 8.0p1 OS: ROSA Virtualization 2.1 unaffected versions = openssh-8.0p1-26.0.1.1.rv3 affected versions openssh-8.0p1-26.0.1.1.rv3 CVE-ID: CVE-2020-15778 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the toremote scp.c function of the OpenSSH cryptographic security tool exis...

Alibaba Cloud Linux 3 : 0161: openssh (ALINUX3-SA-2025:0161)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0161 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-26465: A vulnerability was found in OpenSS...

RockyLinux 8 : openssh (RLSA-2025:16823)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:16823 advisory. openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 Tenable has extracted the preceding description block directly from the...

RLSA-2025:6993 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 For more...

openssh security update

An update is available for openssh. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux, UNI...

RLSA-2025:16823 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 For more...

AlmaLinux 8 : openssh (ALSA-2025:16823)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:16823 advisory. openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 Tenable has extracted the preceding description block directly from the...

Moderate: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

openssh security update

8.0p1-26.0.1 - Update upstream references Orabug: 36587718 8.0p1-26 - Fix missing invalid error code checks in OpenSSH. It prevents a MITM attack when VerifyHostKeyDNS is on CVE-2025-26465 Resolves: RHEL-109228...

RHEL 8 : openssh (RHSA-2025:16823)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16823 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary...

ALSA-2025:16823 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 For more...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a machine-in-the-middle attack in OpenSSH [CVE-2025-26465]

Summary IBM Watson Speech Services Cartridge is vulnerable to a machine-in-the-middle attack in OpenSSH, due to an error in how OpenSSH mishandles error codes in specific conditions when verifying the host key CVE-2025-26465. OpenSSH is used in our speech service runtimes. This vulnerabilitiy has...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2025-1860)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2025-1879)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2025-1763)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...