What kind of vulnerability may it have for a known ssh-hostkey?
This script retrieves only the fingerprint of the public key (shown in your question) and, on request, the public key itself.
> Shows the target SSH server's key fingerprint and (with high enough verbosity level) the public key itself. It records the discovered host keys in nmap.registry for use by other scripts. Output can be controlled with the ssh_hostkey script argument.

Source: nmap.org
As the public key is by definition public, this serves only informational purposes on the client and poses no vulnerability/security threat at all.
The informational purposes I mentioned might be along the lines of:
- prepopulating the list of known host keys for an SSH/SCP client
- checking if the host keys of servers have changed (to trigger an investigation about the reason, for instance)
The fingerprint of a public key serves to identify that key (make it easier to recognize) because it might be difficult to see when the complete key (2048 bit = 256 characters) has been altered. The fingerprint (normally called a hash) will be completely different even if only a single bit has been changed.
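
The host-key change check and the fingerprint property described above, as an added example that is not part of the original answer or of Nmap: it computes the OpenSSH-style SHA256 fingerprint of a public key line in `type base64 comment` form and compares it with a stored baseline. The sample keys, host names and function names are constructed for illustration.

```python
import base64
import hashlib
import struct


def make_pubkey_line(raw_key: bytes, comment: str = "constructed-sample") -> str:
    """Build an 'ssh-ed25519 <base64> <comment>' line from 32 raw key bytes."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw_key)) + raw_key
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment


def fingerprint(pubkey_line: str) -> str:
    """SHA256 fingerprint: unpadded base64 of SHA-256 over the decoded key blob."""
    fields = pubkey_line.split()
    blob = base64.b64decode(fields[1], validate=True)
    # The blob begins with a length-prefixed key type that must match field 0.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii") != fields[0]:
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def check_host(host: str, pubkey_line: str, baseline: dict) -> str:
    """Compare the observed key with the baseline: 'new', 'unchanged' or 'CHANGED'."""
    seen = fingerprint(pubkey_line)
    if host not in baseline:
        return "new"
    return "unchanged" if baseline[host] == seen else "CHANGED"


# Constructed sample input: two keys that differ in exactly one bit.
KEY_A = bytes(range(32))
KEY_B = bytes([KEY_A[0] ^ 0x01]) + KEY_A[1:]
LINE_A = make_pubkey_line(KEY_A)
LINE_B = make_pubkey_line(KEY_B)
BASELINE = {"server1.example": fingerprint(LINE_A)}

if __name__ == "__main__":
    print(fingerprint(LINE_A))
    print(fingerprint(LINE_B))  # completely different despite a one-bit change
    print(check_host("server1.example", LINE_A, BASELINE))
    print(check_host("server1.example", LINE_B, BASELINE))  # worth investigating
    print(check_host("server2.example", LINE_A, BASELINE))
```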