CVE•Published 2025-02-28•Modified 2026-06-30•1 article on news•6 live references•NVD data
CVE-2025-26466Openbsd · Openssh
Vulnerability data via NVD (ingested)
CVSS v3.1
5.9
MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS percentile
98
Exploit Prediction Scoring System · top 2% of all CVEs
Weaknesses (CWE)
Description
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.
Timeline
Published 2025-02-28
Modified 2026-06-30
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
Shodan · vuln tag614,463 hosts
vuln:CVE-2025-26466Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · product + version
product:"Openbsd Openssh" version:"9.5"Version-pinned fingerprint from NVD's first vulnerable CPE.
Shodan · banner/body mention
http.html:"Openssh"HTTP body or banner mentions "Openssh" — catches deploys Shodan didn't identify as a product.
More intel sources (5)
Shodan report
vuln:CVE-2025-26466Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2025-26466Censys host search filtered to this CVE id.
grep.app
CVE-2025-26466Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2025-26466GitHub code search for direct mentions.
Google dork
"CVE-2025-26466" exploit -site:nvd.nist.govWrite-ups and news, NVD excluded.
Known PoCs on GitHub (5)
CVE-2025-264665 repos
NVIDIA-AI-Blueprints/vulnerability-analysisJupyter Notebook
Rapidly identify and mitigate container security vulnerabilities with generative AI.
mosaicwang/myrpmunknown
我的RPM库
rxerium/CVE-2025-26466unknown
The OpenSSH client and server are vulnerable to a pre-authentication DoS attack between versions 9.5p1 to 9.9p1 (inclusive) that causes memory and CPU consumption
RHEcosystemAppEng/exploitiq-tests-automationPython
Python scripts that automates the process of batch running of a given dataset for the sake of calculating the confusion matrix metrics or to perform integration tests against e…
dolutech/patch-manual-CVE-2025-26465-e-CVE-2025-26466Shell
Patch Manual para a correção das CVE-2025-26465-e-CVE-2025-26466, para sistemas sem update do OpenSSH