CVE-2025-70034
Published: 09 March 2026
Summary
CVE-2025-70034 is a high-severity Inefficient Regular Expression Complexity (CWE-1333) vulnerability in mscdex ssh2. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The vulnerability ranks at the 17.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
Threat & Defense Details
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
ReDoS lets a remote attacker exhaust resources by sending crafted input to the vulnerable regex processing in the SSH library, which maps directly to application exploitation for endpoint denial of service.
NVD Description
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in mscdex ssh2 v1.17.0.
Deeper analysis (AI)
CVE-2025-70034 is a vulnerability classified under CWE-1333 (Inefficient Regular Expression Complexity, also known as ReDoS) affecting version 1.17.0 of the mscdex ssh2 library. Published on 2026-03-09, it carries a CVSS v3.1 base score of 7.5 (High), reflecting its potential for significant impact despite no effects on confidentiality or integrity.
Remote, unauthenticated attackers can exploit the vulnerability over the network with low attack complexity and no user interaction. Successful exploitation results in a high-impact denial of service, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), potentially causing resource exhaustion through malicious inputs that trigger excessive computation in regular expression processing.
References include a GitHub Gist detailing the issue (https://gist.github.com/zcxlighthouse/78a0d9b7fcae20294076e8b24f763ce5), along with the mscdex organization page (https://github.com/mscdex) and the ssh2 repository (https://github.com/mscdex/ssh2). Security practitioners should review these for any advisories, patches, or mitigation guidance specific to affected deployments.
Details
- CWE(s)