The Qualys Threat Research Unit (TRU) has discovered two vulnerabilities in OpenSSH. The first, identified as CVE-2025-26465, enables an active machine-in-the-middle attack on the OpenSSH client when the VerifyHostKeyDNS option is turned on. The second, CVE-2025-26466, impacts both the OpenSSH client and server, allowing a pre-authentication denial-of-service attack.
Read MoreCVE number = CVE-2024-7589 CVSS Score = 7.4 A signal handler in sshd(8) may call a logging function that is
Read MoreCVE number = CVE-2024-6387 The Qualys Threat Research Unit (TRU) has identified a Remote Unauthenticated Code Execution (RCE) vulnerability in
Read MoreCVE Number – CVE-2019-6110 A vulnerability in the Secure Copy Protocol (SCP) client utility of OpenSSH could allow an unauthenticated,
Read MoreCVE Number – CVE-2019-6109 A vulnerability in the Secure Copy Protocol (SCP) client utility of OpenSSH could allow an unauthenticated,
Read MoreCVE Number – CVE-2019-6111 A vulnerability in the Secure Copy Protocol (SCP) client utility of OpenSSH could allow an unauthenticated,
Read More
