n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no

Impact When the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server could intercept the connection and present a fraudulent host key,...

CVE-2026-33724 n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no

n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server...

EUVD-2024-47644

Malicious code in bioql PyPI...

CVE-2025-34207 Vasion Print (formerly PrinterLogic) Insecure SSH Client Configuration

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...

Brocade Fabric OS before 9.2.2 does not enforce strict host key checking

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a...

CVE-2024-6572

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

CVE-2024-6572

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

UBUNTU-CVE-2024-6572

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

CVE-2024-6572 Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem'

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

PT-2024-37728 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0p15 Checkmk versions prior to 2.2.0p33 Checkmk versions prior to 2.1.0p48 Checkmk version 2.0.0 Description: The issue concerns improper host key checking in the active check 'Check SFTP Service' and the special...

PT-2024-33190 · Satellite · Satellite

Name of the Vulnerable Software and Affected Versions: Satellite affected versions not specified Description: A vulnerability was found in Satellite where the host's SSH key is not being checked when running a remote execution job on a host. This is due to the use of "-o StrictHostKeyChecking=no"...

Default credentials

Previous releases of the Puppet ciscoios module did not validate a host's identity before starting a SSH connection. As of the 0.4.0 release of ciscoios, host key checking is enabled by default...

ansible -- enable host key checking in paramiko connection type

Ansible changelog reports: Host key checking is on by default. Disable it if you like by adding hostkeychecking=False in the default section of /etc/ansible/ansible.cfg or /ansible.cfg or by exporting ANSIBLEHOSTKEYCHECKING=False...

kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images

The SSH configuration in the Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, disables the StrictHostKeyChecking option, which allows man-in-the-middle attackers to spoof kdump servers...

kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images

The SSH configuration in the Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, disables the StrictHostKeyChecking option, which allows man-in-the-middle attackers to spoof kdump servers...

CVE-2001-1474

CVE-2001-1474 concerns SSH prior to version 2.0, where host key checking is disabled when connecting to localhost. This creates a vulnerability condition that can be exploited by poisoning the client’s DNS cache to silently redirect connections to localhost. The description in the connected docum...

CVE-2001-1474

SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache...

CVE-2001-1474

SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache...