THREAT OPS › Threat News › [NVD] CVE-2025-26465 (MEDIUM 6.8) — A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying
[NVD] CVE-2025-26465 (MEDIUM 6.8) — A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying
CVE-2025-26465 CVSS: 6.8 MEDIUM Published: 2025-02-18T19:15:29.230
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered succes
Indicators of compromise
- CVE-2025-26465cve
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-26465