VDB
CVE-2026-26980
CVE-2026-26980
PUBLISHED
Ghost has a SQL Injection in its Content API
EPSS 56.66% · 98.2th percentile
Risk Scores
EPSS Score
56.66%
98.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | ghost | 3.24.0 |
| Bitnami | ghost | 3.24.0, 3.24.0 |
Exploit Intelligence
- CVE-2026-26980 - Ghost CMS Content API SQL Injection (github-poc-repo)
- CVE-2026-26980 - Ghost CMS Content API SQL Injection (github-poc-repo)
- CVE-2026-26980 - Ghost CMS Content API SQL Injection (github-poc-repo)
- CVE-2026-26980 - Ghost CMS Content API SQL Injection (github-poc-repo)
- CVE-2026-26980 - Ghost CMS Content API SQL Injection (github-poc-repo)
- CVE-2026-26980 - Ghost CMS Content API SQL Injection (github-poc-repo)
- CVE-2026-26980 - Ghost CMS Content API SQL Injection (github-poc-repo)
- CVE-2026-26980 - Ghost CMS Content API SQL Injection (github-poc-repo)
- Ghost CMS Content API Blind SQL Injection (github-poc-repo)
- Ghost CMS Content API Blind SQL Injection (github-poc-repo)
…and 128 more exploits
Timeline
- Feb 18, 2026 CVE Published
- Feb 20, 2026 EPSS Score
- Feb 20, 2026 PoC Published
- Feb 20, 2026 PoC Published
- Feb 20, 2026 PoC Published
- Feb 20, 2026 PoC Published
- Feb 20, 2026 PoC Published
- Feb 20, 2026 PoC Published
- Feb 21, 2026 CVE Updated
- Feb 22, 2026 EPSS Score
- Feb 23, 2026 EPSS Score
- Feb 25, 2026 EPSS Score