RedPacket SecurityFeb 19, 2025

CVE Alert: CVE-2025-26465 - https://www.redpacketsecurity.com/cve_alert_cve-2025-26465/

#OSINT #ThreatIntel #CyberSecurity #cve_2025_26465

CVE Alert: CVE-2025-26465 - RedPacket Security

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine

RedPacket Security
The Threat CodexFeb 18, 2025
Qualys TRU Discovers Two Vulnerabilities in OpenSSH: CVE-2025-26465 & CVE-2025-26466
#CVE_2025_26465 #CVE_2025_26466
https://blog.qualys.com/vulnerabilities-threat-research/2025/02/18/qualys-tru-discovers-two-vulnerabilities-in-openssh-cve-2025-26465-cve-2025-26466
Qualys TRU Discovers Two Vulnerabilities in OpenSSH: CVE-2025-26465 & CVE-2025-26466 | Qualys Security Blog

The Qualys Threat Research Unit (TRU) has identified two vulnerabilities in OpenSSH. The first, tracked as CVE-2025-26465, allows an active machine-in-the-middle attack on the OpenSSH client when the…

Qualys Security Blog
Harry SintonenFeb 18, 2025

#OpenSSH client is vulnerable to MitM attacks if VerifyHostKeyDNS is enabled - https://www.openwall.com/lists/oss-security/2025/02/18/1

#CVE_2025_26465 #coordinateddisclosure #infosec #cybersecurity

oss-security - MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client