High severity7.8NVD Advisory· Published Apr 7, 2026· Updated Apr 29, 2026
CVE-2025-14821
CVE-2025-14821
Description
A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communications via an insecure default configuration on Windows systems where the library automatically loads configuration files from the C:\etc directory, which can be created and modified by unprivileged local users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*
- osv-coords6 versionspkg:apk/chainguard/libsshpkg:apk/chainguard/libssh2pkg:apk/chainguard/libssh-devpkg:apk/wolfi/libsshpkg:apk/wolfi/libssh2pkg:apk/wolfi/libssh-dev
< 0.12.0-r2+ 5 more
- (no CPE)range: < 0.12.0-r2
- (no CPE)range: < 1.11.1-r4
- (no CPE)range: < 0.12.0-r2
- (no CPE)range: < 0.12.0-r2
- (no CPE)range: < 1.11.1-r4
- (no CPE)range: < 0.12.0-r2
Patches
Vulnerability mechanics
References
4- access.redhat.com/errata/RHSA-2026:7067nvdThird Party Advisory
- access.redhat.com/security/cve/CVE-2025-14821nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/nvdRelease Notes
News mentions
0No linked articles in our index yet.