Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/ghost@5.101.6
Typenpm
Namespace
Nameghost
Version5.101.6
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.19.3
Latest_non_vulnerable_version6.19.3
Affected_by_vulnerabilities
0
url VCID-3mb5-8b85-d7bt
vulnerability_id VCID-3mb5-8b85-d7bt
summary Server-Side Request Forgery (SSRF) vulnerability in Ghost allows an attacker to access internal resources.This issue affects Ghost: from 6.0.0 through 6.0.8, from 5.99.0 through 5.130.3.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-9862
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.0726
published_at 2026-06-11T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.07301
published_at 2026-06-12T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.07494
published_at 2026-06-14T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07502
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-9862
1
reference_url https://github.com/TryGhost/Ghost/commit/01d64c7c0ffbf90cd036195c60ded6d08077d612
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TryGhost/Ghost/commit/01d64c7c0ffbf90cd036195c60ded6d08077d612
2
reference_url https://github.com/TryGhost/Ghost/commit/ffe9d079afa68557c581d224f1ff126e625b06e3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TryGhost/Ghost/commit/ffe9d079afa68557c581d224f1ff126e625b06e3
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-9862
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-9862
4
reference_url https://github.com/TryGhost/Ghost
reference_id Ghost
reference_type
scores
0
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T15:42:29Z/
url https://github.com/TryGhost/Ghost
5
reference_url https://github.com/advisories/GHSA-f7qg-xj45-w956
reference_id GHSA-f7qg-xj45-w956
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f7qg-xj45-w956
6
reference_url https://github.com/TryGhost/Ghost/security/advisories/GHSA-f7qg-xj45-w956
reference_id GHSA-f7qg-xj45-w956
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T15:42:29Z/
url https://github.com/TryGhost/Ghost/security/advisories/GHSA-f7qg-xj45-w956
7
reference_url https://fluidattacks.com/advisories/regida
reference_id regida
reference_type
scores
0
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T15:42:29Z/
url https://fluidattacks.com/advisories/regida
8
reference_url https://github.com/TryGhost/Ghost/releases/tag/v6.0.9
reference_id v6.0.9
reference_type
scores
0
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T15:42:29Z/
url https://github.com/TryGhost/Ghost/releases/tag/v6.0.9
fixed_packages
0
url pkg:npm/ghost@5.130.4
purl pkg:npm/ghost@5.130.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4chn-jutc-fue2
1
vulnerability VCID-cv37-vmbh-hbge
2
vulnerability VCID-dqj6-6jfr-37ca
3
vulnerability VCID-k4ww-t1ck-jkcr
4
vulnerability VCID-uv9z-tvr6-7ugm
5
vulnerability VCID-z5jg-cfyj-sbg5
6
vulnerability VCID-z8d3-xben-ebay
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.130.4
1
url pkg:npm/ghost@6.0.9
purl pkg:npm/ghost@6.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4chn-jutc-fue2
1
vulnerability VCID-cv37-vmbh-hbge
2
vulnerability VCID-dqj6-6jfr-37ca
3
vulnerability VCID-f173-31n6-73fu
4
vulnerability VCID-k4ww-t1ck-jkcr
5
vulnerability VCID-uv9z-tvr6-7ugm
6
vulnerability VCID-z5jg-cfyj-sbg5
7
vulnerability VCID-z8d3-xben-ebay
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ghost@6.0.9
aliases CVE-2025-9862, GHSA-f7qg-xj45-w956
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3mb5-8b85-d7bt
1
url VCID-4chn-jutc-fue2
vulnerability_id VCID-4chn-jutc-fue2
summary Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, incomplete CSRF protections around /session/verify made it possible to use OTCs in login sessions different from the requesting session. In some scenarios this might have made it easier for phishers to take over a Ghost site. This issue has been patched in version 6.19.3.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-29784
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.07583
published_at 2026-06-14T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.07597
published_at 2026-06-12T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.0756
published_at 2026-06-11T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07592
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-29784
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-29784
reference_id CVE-2026-29784
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-29784
2
reference_url https://github.com/TryGhost/Ghost/commit/ec065a774fa125953d2aa644a59cd8990329e0a0
reference_id ec065a774fa125953d2aa644a59cd8990329e0a0
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-09T17:39:47Z/
url https://github.com/TryGhost/Ghost/commit/ec065a774fa125953d2aa644a59cd8990329e0a0
3
reference_url https://github.com/advisories/GHSA-9m84-wc28-w895
reference_id GHSA-9m84-wc28-w895
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9m84-wc28-w895
4
reference_url https://github.com/TryGhost/Ghost/security/advisories/GHSA-9m84-wc28-w895
reference_id GHSA-9m84-wc28-w895
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-09T17:39:47Z/
url https://github.com/TryGhost/Ghost/security/advisories/GHSA-9m84-wc28-w895
fixed_packages
0
url pkg:npm/ghost@6.19.3
purl pkg:npm/ghost@6.19.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ghost@6.19.3
aliases CVE-2026-29784, GHSA-9m84-wc28-w895
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4chn-jutc-fue2
2
url VCID-cv37-vmbh-hbge
vulnerability_id VCID-cv37-vmbh-hbge
summary Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26980
reference_id
reference_type
scores
0
value 0.56657
scoring_system epss
scoring_elements 0.98173
published_at 2026-06-13T12:55:00Z
1
value 0.56657
scoring_system epss
scoring_elements 0.98174
published_at 2026-06-14T12:55:00Z
2
value 0.56657
scoring_system epss
scoring_elements 0.98172
published_at 2026-06-12T12:55:00Z
3
value 0.56657
scoring_system epss
scoring_elements 0.98166
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26980
1
reference_url https://blog.xlab.qianxin.com/ghost-cms-page-poisoning-cve-2026-26980
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://blog.xlab.qianxin.com/ghost-cms-page-poisoning-cve-2026-26980
2
reference_url https://github.com/TryGhost/Ghost/commit/30868d632b2252b638bc8a4c8ebf73964592ed91
reference_id 30868d632b2252b638bc8a4c8ebf73964592ed91
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/
url https://github.com/TryGhost/Ghost/commit/30868d632b2252b638bc8a4c8ebf73964592ed91
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52555.txt
reference_id CVE-2026-26980
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52555.txt
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26980
reference_id CVE-2026-26980
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26980
5
reference_url https://github.com/advisories/GHSA-w52v-v783-gw97
reference_id GHSA-w52v-v783-gw97
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w52v-v783-gw97
6
reference_url https://github.com/TryGhost/Ghost/security/advisories/GHSA-w52v-v783-gw97
reference_id GHSA-w52v-v783-gw97
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/
url https://github.com/TryGhost/Ghost/security/advisories/GHSA-w52v-v783-gw97
7
reference_url https://github.com/TryGhost/Ghost/releases/tag/v6.19.1
reference_id v6.19.1
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/
url https://github.com/TryGhost/Ghost/releases/tag/v6.19.1
fixed_packages
0
url pkg:npm/ghost@6.19.1
purl pkg:npm/ghost@6.19.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4chn-jutc-fue2
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ghost@6.19.1
aliases CVE-2026-26980, GHSA-w52v-v783-gw97
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cv37-vmbh-hbge
3
url VCID-f173-31n6-73fu
vulnerability_id VCID-f173-31n6-73fu
summary Ghost is an open source content management system. In Ghost versions 5.43.0 through 5.12.04 and 6.0.0 through 6.14.0, an attacker was able to craft a malicious link that, when accessed by an authenticated staff user or member, would execute JavaScript with the victim's permissions, potentially leading to account takeover. Ghost Portal versions 2.29.1 through 2.51.4 and 2.52.0 through 2.57.0 were vulnerable to this issue. Ghost automatically loads the latest patch of the members Portal component via CDN. For Ghost 5.x users, upgrading to v5.121.0 or later fixes the vulnerability. v5.121.0 loads Portal v2.51.5, which contains the patch. For Ghost 6.x users, upgrading to v6.15.0 or later fixes the vulnerability. v6.15.0 loads Portal v2.57.1, which contains the patch. For Ghost installations using a customized or self-hosted version of Portal, it will be necessary to manually rebuild from or update to the latest patch version.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24778
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05759
published_at 2026-06-14T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05778
published_at 2026-06-12T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05752
published_at 2026-06-11T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05769
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24778
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24778
reference_id CVE-2026-24778
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24778
2
reference_url https://github.com/TryGhost/Ghost/commit/da858e640e88e69c1773a7b7ecdc2008fa143849
reference_id da858e640e88e69c1773a7b7ecdc2008fa143849
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-28T21:11:07Z/
url https://github.com/TryGhost/Ghost/commit/da858e640e88e69c1773a7b7ecdc2008fa143849
3
reference_url https://github.com/advisories/GHSA-gv6q-2m97-882h
reference_id GHSA-gv6q-2m97-882h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gv6q-2m97-882h
4
reference_url https://github.com/TryGhost/Ghost/security/advisories/GHSA-gv6q-2m97-882h
reference_id GHSA-gv6q-2m97-882h
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-28T21:11:07Z/
url https://github.com/TryGhost/Ghost/security/advisories/GHSA-gv6q-2m97-882h
fixed_packages
0
url pkg:npm/ghost@5.121.0
purl pkg:npm/ghost@5.121.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3mb5-8b85-d7bt
1
vulnerability VCID-4chn-jutc-fue2
2
vulnerability VCID-cv37-vmbh-hbge
3
vulnerability VCID-dqj6-6jfr-37ca
4
vulnerability VCID-k4ww-t1ck-jkcr
5
vulnerability VCID-uv9z-tvr6-7ugm
6
vulnerability VCID-z5jg-cfyj-sbg5
7
vulnerability VCID-z8d3-xben-ebay
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.121.0
1
url pkg:npm/ghost@6.15.0
purl pkg:npm/ghost@6.15.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4chn-jutc-fue2
1
vulnerability VCID-cv37-vmbh-hbge
2
vulnerability VCID-uv9z-tvr6-7ugm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ghost@6.15.0
aliases CVE-2026-24778, GHSA-gv6q-2m97-882h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f173-31n6-73fu
4
url VCID-uv9z-tvr6-7ugm
vulnerability_id VCID-uv9z-tvr6-7ugm
summary Ghost is a Node.js content management system. From version 0.7.2 to 6.19.0, specifically crafted malicious themes can execute arbitrary code on the server running Ghost. This issue has been patched in version 6.19.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-29053
reference_id
reference_type
scores
0
value 0.0003
scoring_system epss
scoring_elements 0.09327
published_at 2026-06-12T12:55:00Z
1
value 0.0003
scoring_system epss
scoring_elements 0.09318
published_at 2026-06-14T12:55:00Z
2
value 0.0003
scoring_system epss
scoring_elements 0.09328
published_at 2026-06-13T12:55:00Z
3
value 0.0003
scoring_system epss
scoring_elements 0.09276
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-29053
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-29053
reference_id CVE-2026-29053
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-29053
2
reference_url https://github.com/advisories/GHSA-cgc2-rcrh-qr5x
reference_id GHSA-cgc2-rcrh-qr5x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cgc2-rcrh-qr5x
3
reference_url https://github.com/TryGhost/Ghost/security/advisories/GHSA-cgc2-rcrh-qr5x
reference_id GHSA-cgc2-rcrh-qr5x
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T15:29:20Z/
url https://github.com/TryGhost/Ghost/security/advisories/GHSA-cgc2-rcrh-qr5x
fixed_packages
0
url pkg:npm/ghost@6.19.1
purl pkg:npm/ghost@6.19.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4chn-jutc-fue2
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ghost@6.19.1
aliases CVE-2026-29053, GHSA-cgc2-rcrh-qr5x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uv9z-tvr6-7ugm
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.101.6