Vulnerabilities in Termix-SSH
11 resultsCVE-2026-45744CRITICALTermix has an OS Command Injection in File Manager resolvePath endpointEPSS 2.0%CVE-2026-45748CRITICALTermix Vulnerable to Remote Code Execution via SSH Tunnel Forward Command InjectionEPSS 1.7%CVE-2026-42453HIGHTermix: Command injection in extractArchive/compressFiles via double-quote escaping bypassEPSS 1.2%CVE-2026-42454CRITICALTermix: OS Command Injection in Docker Container Management EndpointsEPSS 0.7%CVE-2026-45746CRITICALTermix Vulnerable to Arbitrary Command Execution via Session HijackingEPSS 0.4%CVE-2026-45749HIGHTermix's TOTP two-factor authentication can be disabled or bypassed using only the account passwordEPSS 0.3%CVE-2026-42452HIGHTermix: Pending-TOTP temporary token can regenerate backup codes and neutralize TOTPEPSS 0.3%CVE-2026-45750CRITICALTermix Vulnerable to Arbitrary Command Execution in File ManagerEPSS 0.3%CVE-2026-45743HIGHTermix has a File-Manager Session Hijack via Missing Ownership Check (IDOR)EPSS 0.3%CVE-2026-22804HIGHTermix has a Stored XSS in File Manager leading to Local File Inclusion (LFI) in Electron and Session Hijacking in BrowserEPSS 0.2%CVE-2026-45745HIGHTermix has improper certificate validation in Electron desktop client that enables MITM credential/token theftEPSS 0.2%