Please report any vulnerabilities to GitHub Security.
Security: Termix-SSH/Termix
Security
SECURITY.md
-
Tar option injection in file-manager archive creation allows command execution on managed SSH hostsGHSA-rwj6-6vh7-45pv published
Jun 12, 2026 by ZacharyZcRHigh -
IDOR — Authenticated user can fetch SSH passwords for hosts owned by other usersGHSA-j6h8-mww6-pgw6 published
Jun 12, 2026 by ZacharyZcRCritical -
Missing authorization in SSH host credential resolution exposes stored credentialsGHSA-57gp-39c7-4g9r published
Jun 12, 2026 by ZacharyZcRCritical -
Account Takeover via Global Settings DisclosureGHSA-6r97-7wp3-2g3x published
Jun 12, 2026 by ZacharyZcRHigh -
Shared host users can replay delegated SSH passwords to attacker-controlled serversGHSA-cf3r-q4jx-mj5x published
Jun 12, 2026 by ZacharyZcRModerate -
Race Condition in First User Registration Allows Multiple AdministratorsGHSA-96wf-qxcg-2822 published
Jun 12, 2026 by ZacharyZcRModerate -
Remote Code Execution via Tunnel Disconnect pkill Command InjectionGHSA-5p86-jgr7-4hwx published
Jun 12, 2026 by ZacharyZcRCritical -
Remote Code Execution via SSH Tunnel Forward Command InjectionGHSA-xmjh-8cc2-qm49 published
May 31, 2026 by ZacharyZcRCritical -
Server-Side Request Forgery via Proxy Connectivity TestGHSA-x9pr-795g-rm5f published
Jun 12, 2026 by ZacharyZcRHigh -
File-Manager Session Hijack via Missing Ownership Check (IDOR)GHSA-5fqh-77cr-jj5x published
May 31, 2026 by ZacharyZcRHigh
Learn more about advisories related to Termix-SSH/Termix in the GitHub Advisory Database