Two vulnerabilities have been identified in OpenSSH by the Qualys Threat Research Unit: CVE-2025-26465 (active machine-in-the-middle attack) and CVE-2025-26466 (pre-authentication denial-of-service attack). The first vulnerability affects the client when VerifyHostKeyDNS is enabled, while the second affects both the client and server. These vulnerabilities have the potential to cause significant harm, particularly if exploited by malicious actors. System administrators are advised to take immediate action to patch these vulnerabilities and implement mitigation strategies to protect themselves from potential attacks. Prompt attention to this issue is crucial to minimize potential damage and maintain the security posture of affected systems.
Key Points
Mitigation Strategies: What measures can system administrators take to protect themselves from these newly identified vulnerabilities in OpenSSH, particularly when VerifyHostKeyDNS is enabled?
Impact on Security Posture: How do these vulnerabilities affect the overall security posture of systems and organizations that rely on OpenSSH, and what are the potential consequences of exploitation?
Priority for Patching: Should these vulnerabilities be prioritized for patching and addressing, especially considering the potential for widespread exploitation and the critical nature of OpenSSH in many environments?
Original Article
The Qualys Threat Research Unit (TRU) has identified two vulnerabilities in OpenSSH. The first, tracked as CVE-2025-26465, allows an active machine-in-the-middle attack on the OpenSSH client when the VerifyHostKeyDNS option is enabled. The second, CVE-2025-26466, affects both the OpenSSH client and server, enabling a pre-authentication denial-of-service attack. The attack against the OpenSSH client (CVE-2025-26465) succeeds […]
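As an added example (not part of the original article or of OpenSSH itself), the shell function below scans ssh_config-style files for blocks that set VerifyHostKeyDNS to yes or ask, the client option that CVE-2025-26465 depends on. The function names, the sample configuration and its host names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): list ssh_config blocks
# that enable VerifyHostKeyDNS, the client option tied to CVE-2025-26465.
# Include directives are not followed; pass each included file as well.
audit_vhkd() {
    awk '
    BEGIN { block = "(global)" }
    {
        line = $0
        sub(/\r$/, "", line)
        sub(/^[ \t]+/, "", line)
        sub(/[ \t]+$/, "", line)
        if (line == "" || line ~ /^#/) next
        # ssh_config separates keyword and value by whitespace or one "="
        if (!match(line, /^[^ \t=]+/)) next
        word = substr(line, 1, RLENGTH)
        val = substr(line, RLENGTH + 1)
        sub(/^[ \t]*=?[ \t]*/, "", val)
        kw = tolower(word)
        if (kw == "host" || kw == "match") { block = word " " val; next }
        if (kw != "verifyhostkeydns") next
        gsub(/"/, "", val)
        val = tolower(val)
        # "yes" and "ask" both enable the option; "no" disables it
        if (val == "yes" || val == "ask")
            printf "%s:%d: %s: VerifyHostKeyDNS=%s\n", FILENAME, FNR, block, val
    }' "$@"
}

# Constructed sample configuration (host names are made up).
sample_config() {
    cat <<'EOF'
# constructed sample, not from the article
Host *.internal.example
    VerifyHostKeyDNS yes
Host bastion
    verifyhostkeydns=ask
Host legacy
    # VerifyHostKeyDNS yes
    StrictHostKeyChecking yes
Host *
    VerifyHostKeyDNS no
EOF
}

tmp=$(mktemp)
sample_config > "$tmp"
audit_vhkd "$tmp"      # reports lines 3 and 5 of the sample
rm -f "$tmp"
```

This is a static scan of the files it is given; `ssh -G <host>` prints the effective value for a specific destination after all matching blocks are applied.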