Critical RCE Vulnerability Found in OpenSSH — 14 Million Servers at Risk

Source: NVD / NIST3 min read22d agoMay 1, 2026

AI-Generated Summary

Researchers disclosed a remote code execution flaw in OpenSSH versions 8.5–9.7 that allows unauthenticated attackers to execute arbitrary commands with root privileges.

A critical remote code execution vulnerability has been discovered in OpenSSH, tracked as CVE-2025-3841. The flaw affects versions 8.5 through 9.7 and has been confirmed on major Linux distributions.

What is the vulnerability?

The vulnerability exists in the pre-authentication phase of the SSH handshake. A specially crafted packet can trigger a heap buffer overflow, allowing arbitrary code execution with root privileges.

Who is affected?

Security researchers estimate approximately 14 million internet-facing servers are running a vulnerable version. AWS, Google Cloud, and Azure have all issued advisories.

What should you do?

Upgrade OpenSSH to version 9.8p1 immediately. As an interim mitigation, set LoginGraceTime to 0 in your sshd_config file.

How to stay safe

Critical threat

Enable automatic updates on all your servers immediately.
Contact your hosting provider and ask if your server runs OpenSSH.
Temporarily restrict SSH access to known IP addresses only.
Monitor for unusual login attempts in the next 48 to 72 hours.

Detailed guide

Step 1 — Check with your host

Log into your hosting control panel and look for a Software Updates section. Apply all available updates.

Step 2 — Enable auto-updates

Enable automatic security updates so future patches are applied without manual intervention.

Original source

NVD / NIST

Read original →

Cybersecurity

Memorial Day Deals Under $50

4h ago

Cybersecurity

Ghostwriter Phishing Attack

1d ago

Cybersecurity

CVE-2026-42503: gopls RCE Vulnerability

17d ago

Critical RCE Vulnerability Found in OpenSSH — 14 Million Servers at Risk

What is the vulnerability?

Who is affected?

What should you do?

How to stay safe

Related articles