RCE in Termix-ssh Termix

CVE-2026-42453

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, the extractArchive and compressFiles endpoints in file-manager.ts use double-quoted strings for shell com…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.003 (57.6th percentile) — read the EPSS interpretation.