在OpenSSH中发现严重的零日漏洞 - 请立即修补
在OpenSSH中发现了一个严重的零日漏洞(CVE-2025-38897),影响大多数运行9.3及更早版本的Unix系统。该漏洞在特定条件下允许未经身份验证的远程代码执行,对面向公众的服务器构成严重风险。该漏洞的利用已被威胁行为者积极使用。
查看原文
A critical zero-day vulnerability (CVE-2025-38897) has been discovered in OpenSSH, affecting most Unix-based systems running versions 9.3 and earlier. The flaw allows unauthenticated remote code execution under specific conditions, posing a serious risk to public-facing servers. The exploit has already been seen in active use by threat actors.