EulerOS Virtualization 2.10.0 : openssh (EulerOS-SA-2026-1186)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand i...

MiracleLinux 7 : openssh-7.4p1-23.0.3.0.1.el7.AXS7 (AXSA:2025-9844:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9844:01 advisory. CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled CVEs: CVE-2025-26465 A vulnerability was found in OpenSSH when the...

MiracleLinux 9 : openssh-8.7p1-45.el9.ML.1 (AXSA:2025-10048:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10048:02 advisory. openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 Tenable has extracted the preceding description block directly from the...

Security Bulletin:Vulnerability in OpenSSH affects IBM Netezza Appliance

Summary The OpenSSH package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-26465 Vulnerability Details CVEID:CVE-2025-26465 DESCRIPTION: A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle...

Alibaba Cloud Linux 3 : 0161: openssh (ALINUX3-SA-2025:0161)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0161 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-26465: A vulnerability was found in OpenSS...

RLSA-2025:6993 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 For more...

RLSA-2025:16823 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 For more...

ALSA-2025:16823 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 For more...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2025-1879)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. Fo...

CLSA-2025-1742731930 openssh: Fix of CVE-2025-26465

CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation openssh bz3012 Orabug: 30448895...

CLSA-2025-1742661734 openssh: Fix of CVE-2025-26465

CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled...

CLSA-2025-1742380145 openssh: Fix of CVE-2025-26465

CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled...

Medium: openssh

Issue Overview: A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying...

Updated openssh packages fix security vulnerability

Machine-in-the-middle attack vulnerability if verifyhostkeydns is enabled. CVE-2025-26465...

AZL-56894 CVE-2025-26465 affecting package openssh for versions less than 9.8p1-3

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. Fo...

Security update for openssh

This update for openssh fixes the following issues: CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041. Patch Instructions: To install this SUSE update use the SUSE...

SUSE CVE-2025-26465

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. Fo...

UBUNTU-CVE-2025-26465

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. Fo...