For a workaround, you could use a static-linked version of mosh-server and use User Scripts to move it to /bin (or somewhere else in your $PATH).
Here's a static-linked version of mosh-server from blink: https://github.com/blinksh/mosh-static-multiarch
Unraid 6.12.10 is running OpenSSH_9.3p2 now, according to https://www.qualys.com/regresshion-cve-2024-6387/ , is vulnerable to the vulnerability. Are there any possible mitigations?