Unrated severityNVD Advisory· Published Oct 21, 2025· Updated Jan 6, 2026

Host verification bypass and credential leak

CVE-2025-11625

Description

Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and leaking of clients credentials.

Affected products

WolfSSL/Wolfsshv5
Range: 1.4.20;0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/wolfSSL/wolfssh/pull/840mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000