Termix

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-22804 HIGH POC This Week

Stored XSS in Termix File Manager (versions 1.7.0-1.9.0) allows attackers with SSH server access to execute arbitrary JavaScript by uploading malicious SVG files that bypass content sanitization. When a Termix user previews the crafted file, the payload executes within the application context with full access to sensitive operations. Public exploit code exists and no patch is currently available.

Ssh XSS Termix
NVD GitHub
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-59951 CRITICAL POC PATCH Act Now

Docker default credentials in Termix server management. PoC and patch available.

Nginx Docker Authentication Bypass Termix
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-22804
EPSS 0% CVSS 8.0
HIGH POC This Week

Stored XSS in Termix File Manager (versions 1.7.0-1.9.0) allows attackers with SSH server access to execute arbitrary JavaScript by uploading malicious SVG files that bypass content sanitization. When a Termix user previews the crafted file, the payload executes within the application context with full access to sensitive operations. Public exploit code exists and no patch is currently available.

Ssh XSS Termix
NVD GitHub
CVE-2025-59951
EPSS 0% CVSS 9.1
CRITICAL POC PATCH Act Now

Docker default credentials in Termix server management. PoC and patch available.

Nginx Docker Authentication Bypass +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy