Skip to main content

Termix

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-22804 HIGH POC This Week

Stored XSS in Termix File Manager (versions 1.7.0-1.9.0) allows attackers with SSH server access to execute arbitrary JavaScript by uploading malicious SVG files that bypass content sanitization. When a Termix user previews the crafted file, the payload executes within the application context with full access to sensitive operations. Public exploit code exists and no patch is currently available.

XSS SSH Termix
NVD GitHub
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-59951 CRITICAL POC PATCH Act Now

Docker default credentials in Termix server management. PoC and patch available.

Authentication Bypass Docker Nginx Termix
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-22804
EPSS 0% CVSS 8.0
HIGH POC This Week

Stored XSS in Termix File Manager (versions 1.7.0-1.9.0) allows attackers with SSH server access to execute arbitrary JavaScript by uploading malicious SVG files that bypass content sanitization. When a Termix user previews the crafted file, the payload executes within the application context with full access to sensitive operations. Public exploit code exists and no patch is currently available.

XSS SSH Termix
NVD GitHub
CVE-2025-59951
EPSS 0% CVSS 9.1
CRITICAL POC PATCH Act Now

Docker default credentials in Termix server management. PoC and patch available.

Authentication Bypass Docker Nginx +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy