CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Pre-authentication Denial of Service attack in OpenSSH - CVE-2025-26466

unknownCVE-2025-26466
CVSSv3 Score: 5.9 CVE-2025-26466A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack. Revised on 2026-05-25 00:00:00

CSIRTS triage

What
A flaw allows a malicious client to cause a denial of service by consuming server memory.
Who is affected
OpenSSH servers that receive ping packets from malicious clients.
Urgency
Remediation is necessary as it can lead to server unavailability.
Action
Implement measures to limit or monitor incoming ping packets.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch OpenSSH

Get an email when a new OpenSSH advisory drops — max one per day, one-click unsubscribe.

Details

Source
Fortinet FortiGuard PSIRT (INTL · vendor-psirt · site)
Severity
unknown
Published
2025-03-11
Exploitation
Not in CISA KEV at last sync

Original advisory: https://fortiguard.fortinet.com/psirt/FG-IR-25-122

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2025-26466coverage & exploitation statusNVD · CVE.org

More from Fortinet FortiGuard PSIRT