CVE-2026-42454 – Termix OS

CVSS 9.9 CRITICAL

“One unsanitized input can turn server management into server compromise.”

This patch addresses a critical OS command injection vulnerability in Termix affecting versions prior to 2.1.0. The issue exists in Docker container management endpoints, where user-controlled input is directly embedded into system commands without validation. This allows authenticated attackers to inject arbitrary commands and execute them on managed servers.

CVE-2026-42454 has a CVSS score of 9.9, which is Critical severity. The vulnerability requires low privileges but can be exploited remotely with minimal effort, leading to full remote code execution across connected infrastructure. It has been resolved in version 2.1.0 by enforcing proper input validation and command handling.
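
The injection pattern described above next to one hardened form, as an added example that is not Termix's code or its 2.1.0 fix. The function names, the action allow-list and the container-reference pattern are assumptions chosen for illustration.

```javascript
// Added illustration, not Termix source. All names here are hypothetical.

// Allow-list modelled on Docker's container-name character set; it also
// accepts hex IDs. The first character must be alphanumeric, so a value
// can never be parsed as a command-line option.
const CONTAINER_REF = /^[a-zA-Z0-9][a-zA-Z0-9_.-]{0,127}$/;
const ALLOWED_ACTIONS = new Set(['start', 'stop', 'restart', 'pause', 'unpause']);

// POSIX single-quote escaping: wrap in '...' and rewrite each ' as '\''.
function shQuote(arg) {
  return "'" + String(arg).replace(/'/g, "'\\''") + "'";
}

// Vulnerable shape: request values are concatenated into the command
// string, so shell metacharacters in `container` reach the shell intact.
function buildCommandUnsafe(action, container) {
  return `docker ${action} ${container}`;
}

// Hardened shape: fixed set of verbs, validated reference, and quoting
// as a second layer in case the pattern is loosened later.
function buildCommandSafe(action, container) {
  if (!ALLOWED_ACTIONS.has(action)) {
    throw new Error('unsupported action');
  }
  if (typeof container !== 'string' || !CONTAINER_REF.test(container)) {
    throw new Error('invalid container reference');
  }
  return `docker ${action} ${shQuote(container)}`;
}

// Constructed inputs: one ordinary name, one carrying a command separator.
function demo() {
  const hostile = 'web-1; echo INJECTED';
  let rejected = false;
  try { buildCommandSafe('stop', hostile); } catch (e) { rejected = true; }
  return {
    unsafe: buildCommandUnsafe('stop', hostile),
    safe: buildCommandSafe('stop', 'web-1'),
    rejected,
  };
}
```

Where the command runs locally rather than through a remote shell, passing arguments as an array to `child_process.execFile` avoids shell parsing altogether.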

Key Details

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
CWE Classification: CWE-78