CVE-2026-26980

CRITICAL NUCLEI LAB

Ghost 3.24.0-6.19.0 - Info Disclosure

Description

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.

Exploits (2)

nomisec · WORKING POC · 3 stars
by dinosn · poc
https://github.com/dinosn/ghost-cve-2026-26980

nomisec · WORKING POC
by vognik · poc
https://github.com/vognik/CVE-2026-26980

Nuclei Templates (1)

Ghost CMS Content API - SQL Injection
CRITICAL · VERIFIED · by domwhewell-sage
Shodan: http.component:"Ghost"
FOFA: app="Ghost"

Scores

CVSS v3 9.4
EPSS 0.3518
EPSS Percentile 97.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Lab Environment

Community Lab
docker pull ghost:6.16.1
docker pull ghost:6.18.0
docker pull ghost:6.19.1

Details

CWE
CWE-89
Status published
Products (2)
ghost/ghost 3.24.0 - 6.19.1
npm/ghost 3.24.0 - 6.19.1
Published Feb 20, 2026
Tracked Since Feb 20, 2026