I noticed a slight overreaction over a vulnerability, CVE-2023-38408. They suggested building the latest OpenSSH server [sic] from source over the one packaged in your distribution, although the vulnerability in the ssh-agent affects the OpenSSH client, and only if agent forwarding (`-A` / `ForwardAgent`) is enabled.
Vulnerabilities in security-critical utilities easily get a high CVSS score, as they could have severe implications for confidentiality, integrity and availability. However, this one is rather easy to mitigate by correct configuration, and it does not affect typical or default configurations.
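
One way to check whether a client configuration enables agent forwarding at all, as an added example that is not part of the original post: the function below lists every `ForwardAgent` line in an ssh_config-style file whose value is anything other than `no`. The function names and the sample hosts are constructed for illustration, and the scan does not follow `Include` directives.

```shell
#!/bin/sh
# Added example: report ssh_config lines that enable agent forwarding.
# Keywords are case-insensitive and may be written "Keyword value" or
# "Keyword=value". Any value other than "no" (yes, a socket path, or a
# $ENVVAR name) turns forwarding on for that block.
audit_forward_agent() {
    awk '
    BEGIN { block = "(global)" }
    {
        line = $0
        sub(/^[ \t]+/, "", line)                 # drop indentation
        if (line == "" || line ~ /^#/) next      # skip blanks and comments
        if (!match(line, /^[^ \t=]+/)) next      # first token is the keyword
        key = tolower(substr(line, 1, RLENGTH))
        val = substr(line, RLENGTH + 1)
        sub(/^[ \t]*=?[ \t]*/, "", val)          # separator: spaces and/or "="
        sub(/[ \t]+$/, "", val)
        gsub(/"/, "", val)                       # arguments may be quoted
        if (key == "host" || key == "match") { block = key " " val; next }
        if (key == "forwardagent" && tolower(val) != "no")
            printf "%s:%d: [%s] ForwardAgent %s\n", FILENAME, NR, block, val
    }' "$1"
}

# Constructed sample configuration; the host names are placeholders.
write_sample_config() {
    cat > "$1" <<'EOF'
# constructed sample
Host bastion.example
    ForwardAgent yes
Host build.example
    forwardagent=no
Host *.lab.example
    ForwardAgent $SSH_AUTH_SOCK
Host *
    ForwardAgent no
EOF
}

# Stand-alone use: pass one or more config files as arguments.
if [ "$#" -gt 0 ]; then
    for f in "$@"; do audit_forward_agent "$f"; done
fi
```

For the value that actually applies to one destination after all `Host` and `Match` processing, `ssh -G <host>` prints the resolved client options, including `forwardagent`.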