Fabien O'Carroll - Security Researcher - Exploit Intelligence Platform

CVE-2026-22595 WRITEUP HIGH WRITEUP

Ghost 5.121.0-5.130.5 and 6.0.0-6.10.3 - Incorrect Authorization via Staff Token Authentication

Ghost is a Node.js content management system. In versions 5.121.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost's handling of Staff Token authentication allowed certain endpoints to be accessed that were only intended to be accessible via Staff Session authentication. External systems that have been authenticated via Staff Tokens for Admin/Owner-role users would have had access to these endpoints. This issue has been patched in versions 5.130.6 and 6.11.0.

CVSS 8.1

View Code

CVE-2026-26980 WRITEUP CRITICAL WRITEUP

Ghost 3.24.0-6.19.0 - Info Disclosure

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.

CVSS 9.4

View Code

CVE-2026-22595 WRITEUP HIGH WRITEUP

Ghost 5.121.0-5.130.5 and 6.0.0-6.10.3 - Incorrect Authorization via Staff Token Authentication

Ghost is a Node.js content management system. In versions 5.121.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost's handling of Staff Token authentication allowed certain endpoints to be accessed that were only intended to be accessible via Staff Session authentication. External systems that have been authenticated via Staff Tokens for Admin/Owner-role users would have had access to these endpoints. This issue has been patched in versions 5.130.6 and 6.11.0.

CVSS 8.1

View Code