Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/516716?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/516716?format=api", "purl": "pkg:npm/ghost@3.39.0", "type": "npm", "namespace": "", "name": "ghost", "version": "3.39.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "6.19.3", "latest_non_vulnerable_version": "6.19.3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/143294?format=api", "vulnerability_id": "VCID-322u-tcye-huf9", "summary": "Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32235", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94094", "scoring_system": "epss", "scoring_elements": "0.99911", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32235" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32235", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32235" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f", "reference_id": "378dd913aa8d0fd0da29b0ffced8884579598b0f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T16:27:01Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52408.py", "reference_id": "CVE-2023-32235", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52408.py" }, { "reference_url": "https://github.com/advisories/GHSA-wf7x-fh6w-34r6", "reference_id": "GHSA-wf7x-fh6w-34r6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wf7x-fh6w-34r6" }, { "reference_url": "https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1", "reference_id": "v5.42.0...v5.42.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T16:27:01Z/" } ], "url": "https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381977?format=api", "purl": "pkg:npm/ghost@5.42.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3u5f-347g-a7cz" }, { "vulnerability": "VCID-744d-rhkz-87fp" }, { "vulnerability": "VCID-c6w8-e895-yffy" }, { "vulnerability": "VCID-cv37-vmbh-hbge" }, { "vulnerability": "VCID-kv7x-8p66-tqf3" }, { "vulnerability": "VCID-uv9z-tvr6-7ugm" }, { "vulnerability": "VCID-v17s-qgdp-cyan" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.42.1" } ], "aliases": [ "CVE-2023-32235", "GHSA-wf7x-fh6w-34r6" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-322u-tcye-huf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33369?format=api", "vulnerability_id": "VCID-744d-rhkz-87fp", "summary": "Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that \"The vendor does not view this as a valid vector.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23724", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38375", "scoring_system": "epss", "scoring_elements": "0.97344", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.38375", "scoring_system": "epss", "scoring_elements": "0.97345", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.38375", "scoring_system": "epss", "scoring_elements": "0.97335", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.38375", "scoring_system": "epss", "scoring_elements": "0.97342", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23724" }, { "reference_url": "https://rhinosecuritylabs.com/blog", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhinosecuritylabs.com/blog" }, { "reference_url": "https://github.com/TryGhost/Ghost/pull/19646", "reference_id": "19646", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T17:17:21Z/" } ], "url": "https://github.com/TryGhost/Ghost/pull/19646" }, { "reference_url": "https://rhinosecuritylabs.com/blog/", "reference_id": "blog", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T17:17:21Z/" } ], "url": "https://rhinosecuritylabs.com/blog/" }, { "reference_url": "https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2024-23724", "reference_id": "CVE-2024-23724", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T17:17:21Z/" } ], "url": "https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2024-23724" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23724", "reference_id": "CVE-2024-23724", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23724" }, { "reference_url": "https://github.com/advisories/GHSA-99vc-xw8j-phjm", "reference_id": "GHSA-99vc-xw8j-phjm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-99vc-xw8j-phjm" } ], "fixed_packages": [], "aliases": [ "CVE-2024-23724", "GHSA-99vc-xw8j-phjm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-744d-rhkz-87fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/150484?format=api", "vulnerability_id": "VCID-c6w8-e895-yffy", "summary": "Ghost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's `content/` folder. Version 5.59.1 contains a fix for this issue. All users are advised to upgrade. There are no known workarounds for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40028", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.77606", "scoring_system": "epss", "scoring_elements": "0.99012", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.77606", "scoring_system": "epss", "scoring_elements": "0.99017", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.77606", "scoring_system": "epss", "scoring_elements": "0.99016", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40028" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40028", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40028" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/690fbf3f7302ff3f77159c0795928bdd20f41205", "reference_id": "690fbf3f7302ff3f77159c0795928bdd20f41205", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T17:45:27Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/690fbf3f7302ff3f77159c0795928bdd20f41205" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52409.py", "reference_id": "CVE-2023-40028", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52409.py" }, { "reference_url": "https://github.com/advisories/GHSA-9c9v-w225-v5rg", "reference_id": "GHSA-9c9v-w225-v5rg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9c9v-w225-v5rg" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-9c9v-w225-v5rg", "reference_id": "GHSA-9c9v-w225-v5rg", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T17:45:27Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-9c9v-w225-v5rg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380666?format=api", "purl": "pkg:npm/ghost@5.59.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3u5f-347g-a7cz" }, { "vulnerability": "VCID-744d-rhkz-87fp" }, { "vulnerability": "VCID-cv37-vmbh-hbge" }, { "vulnerability": "VCID-f173-31n6-73fu" }, { "vulnerability": "VCID-uv9z-tvr6-7ugm" }, { "vulnerability": "VCID-v17s-qgdp-cyan" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.59.1" } ], "aliases": [ "CVE-2023-40028", "GHSA-9c9v-w225-v5rg" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c6w8-e895-yffy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/361163?format=api", "vulnerability_id": "VCID-cncs-9zzp-q7b1", "summary": "Remote command injection when using sendmail email transport\n### Impact\n\nSites using the `sendmail` transport as part of their `mail` config are vulnerable to remote command injection due to a [vulnerability](https://github.com/advisories/GHSA-48ww-j4fc-435p) in the `nodemailer` dependency.\n\nGhost defaults to the `direct` transport so this is only exploitable if the `sendmail` transport is explicitly used.\n\n### Patches\n\nFixed in 4.15.0, all sites should upgrade as soon as possible.\n\n### Workarounds\n\n* Use an alternative email transport as described in the [docs](https://ghost.org/docs/config/#mail). \n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* email us at security@ghost.org", "references": [ { "reference_url": "https://github.com/advisories/GHSA-48ww-j4fc-435p", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-48ww-j4fc-435p" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/93e4b2eafd18bc8e4c17924e0824e73617e7940c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/commit/93e4b2eafd18bc8e4c17924e0824e73617e7940c" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-wfrj-qqc2-83cm", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-wfrj-qqc2-83cm" }, { "reference_url": "https://github.com/advisories/GHSA-wfrj-qqc2-83cm", "reference_id": "GHSA-wfrj-qqc2-83cm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wfrj-qqc2-83cm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/382493?format=api", "purl": "pkg:npm/ghost@4.15.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-322u-tcye-huf9" }, { "vulnerability": "VCID-744d-rhkz-87fp" }, { "vulnerability": "VCID-c6w8-e895-yffy" }, { "vulnerability": "VCID-cv37-vmbh-hbge" }, { "vulnerability": "VCID-d6yk-x515-zqek" }, { "vulnerability": "VCID-kv7x-8p66-tqf3" }, { "vulnerability": "VCID-s9t5-skgx-u3hw" }, { "vulnerability": "VCID-uv9z-tvr6-7ugm" }, { "vulnerability": "VCID-v17s-qgdp-cyan" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.15.0" } ], "aliases": [ "GHSA-wfrj-qqc2-83cm", "GMS-2021-182" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cncs-9zzp-q7b1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70890?format=api", "vulnerability_id": "VCID-cv37-vmbh-hbge", "summary": "Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.56657", "scoring_system": "epss", "scoring_elements": "0.98173", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.56657", "scoring_system": "epss", "scoring_elements": "0.98174", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.56657", "scoring_system": "epss", "scoring_elements": "0.98172", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.56657", "scoring_system": "epss", "scoring_elements": "0.98166", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26980" }, { "reference_url": "https://blog.xlab.qianxin.com/ghost-cms-page-poisoning-cve-2026-26980", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.xlab.qianxin.com/ghost-cms-page-poisoning-cve-2026-26980" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/30868d632b2252b638bc8a4c8ebf73964592ed91", "reference_id": "30868d632b2252b638bc8a4c8ebf73964592ed91", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/30868d632b2252b638bc8a4c8ebf73964592ed91" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52555.txt", "reference_id": "CVE-2026-26980", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52555.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26980", "reference_id": "CVE-2026-26980", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26980" }, { "reference_url": "https://github.com/advisories/GHSA-w52v-v783-gw97", "reference_id": "GHSA-w52v-v783-gw97", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w52v-v783-gw97" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-w52v-v783-gw97", "reference_id": "GHSA-w52v-v783-gw97", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-w52v-v783-gw97" }, { "reference_url": "https://github.com/TryGhost/Ghost/releases/tag/v6.19.1", "reference_id": "v6.19.1", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/" } ], "url": "https://github.com/TryGhost/Ghost/releases/tag/v6.19.1" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/39368?format=api", "purl": "pkg:npm/ghost@6.19.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4chn-jutc-fue2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@6.19.1" } ], "aliases": [ "CVE-2026-26980", "GHSA-w52v-v783-gw97" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cv37-vmbh-hbge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210829?format=api", "vulnerability_id": "VCID-d6yk-x515-zqek", "summary": "Ghost vulnerable to remote code execution in locale setting change", "references": [ { "reference_url": "https://github.com/advisories/GHSA-7v28-g2pq-ggg8", "reference_id": "GHSA-7v28-g2pq-ggg8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7v28-g2pq-ggg8" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-7v28-g2pq-ggg8", "reference_id": "GHSA-7v28-g2pq-ggg8", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-7v28-g2pq-ggg8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24772?format=api", "purl": "pkg:npm/ghost@4.48.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-322u-tcye-huf9" }, { "vulnerability": "VCID-3u5f-347g-a7cz" }, { "vulnerability": "VCID-744d-rhkz-87fp" }, { "vulnerability": "VCID-c6w8-e895-yffy" }, { "vulnerability": "VCID-cv37-vmbh-hbge" }, { "vulnerability": "VCID-kv7x-8p66-tqf3" }, { "vulnerability": "VCID-uv9z-tvr6-7ugm" }, { "vulnerability": "VCID-v17s-qgdp-cyan" }, { "vulnerability": "VCID-wq3c-84ce-c3hz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.48.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/24768?format=api", "purl": "pkg:npm/ghost@5.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-322u-tcye-huf9" }, { "vulnerability": "VCID-3u5f-347g-a7cz" }, { "vulnerability": "VCID-744d-rhkz-87fp" }, { "vulnerability": "VCID-c6w8-e895-yffy" }, { "vulnerability": "VCID-cv37-vmbh-hbge" }, { "vulnerability": "VCID-kv7x-8p66-tqf3" }, { "vulnerability": "VCID-uv9z-tvr6-7ugm" }, { "vulnerability": "VCID-v17s-qgdp-cyan" }, { "vulnerability": "VCID-wq3c-84ce-c3hz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.2.3" } ], "aliases": [ "GHSA-7v28-g2pq-ggg8", "GMS-2022-2237" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d6yk-x515-zqek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/137141?format=api", "vulnerability_id": "VCID-kv7x-8p66-tqf3", "summary": "Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack.\n\nGhost(Pro) has already been patched. Maintainers can find no evidence that the issue was exploited on Ghost(Pro) prior to the patch being added. Self-hosters are impacted if running Ghost a version below v5.46.1. v5.46.1 contains a fix for this issue. As a workaround, add a block for requests to `/ghost/api/content/*` where the `filter` query parameter contains `password` or `email`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-31133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0717", "scoring_system": "epss", "scoring_elements": "0.91801", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0717", "scoring_system": "epss", "scoring_elements": "0.91798", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0717", "scoring_system": "epss", "scoring_elements": "0.91764", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0717", "scoring_system": "epss", "scoring_elements": "0.91793", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-31133" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31133", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31133" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/b3caf16005289cc9909488391b4a26f3f4a66a90", "reference_id": "b3caf16005289cc9909488391b4a26f3f4a66a90", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T14:53:14Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/b3caf16005289cc9909488391b4a26f3f4a66a90" }, { "reference_url": "https://github.com/advisories/GHSA-r97q-ghch-82j9", "reference_id": "GHSA-r97q-ghch-82j9", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r97q-ghch-82j9" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9", "reference_id": "GHSA-r97q-ghch-82j9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T14:53:14Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9" }, { "reference_url": "https://github.com/TryGhost/Ghost/releases/tag/v5.46.1", "reference_id": "v5.46.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T14:53:14Z/" } ], "url": "https://github.com/TryGhost/Ghost/releases/tag/v5.46.1" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/382079?format=api", "purl": "pkg:npm/ghost@5.46.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3u5f-347g-a7cz" }, { "vulnerability": "VCID-744d-rhkz-87fp" }, { "vulnerability": "VCID-c6w8-e895-yffy" }, { "vulnerability": "VCID-cv37-vmbh-hbge" }, { "vulnerability": "VCID-f173-31n6-73fu" }, { "vulnerability": "VCID-uv9z-tvr6-7ugm" }, { "vulnerability": "VCID-v17s-qgdp-cyan" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.46.1" } ], "aliases": [ "CVE-2023-31133", "GHSA-r97q-ghch-82j9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kv7x-8p66-tqf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/361170?format=api", "vulnerability_id": "VCID-s9t5-skgx-u3hw", "summary": "Member account takeover\n### Impact\n\nAn error in the implementation of the member email change functionality allows unauthenticated users to change the email address of arbitrary member accounts to one they control by crafting a request to the relevant API endpoint, and validating the new address via magic link sent to the new email address.\n\nGhost(Pro) has already been patched. Self-hosters are impacted if running Ghost a version between 3.18.0 and 4.15.0 with members functionality enabled.\n\n### Patches\n\nFixed in 4.15.1, all 4.x sites should upgrade as soon as possible.\nFixed in 3.42.6, all 3.x sites should upgrade as soon as possible.\n\n### Workarounds\n\nThe patch in 4.15.1 and 3.42.6 adds a new authenticated endpoint for updating member email addresses. Updating Ghost is the quickest complete solution.\n\nAs a workaround, if for any reason you cannot update your Ghost instance, you can block the `POST /members/api/send-magic-link/` endpoint, which will also disable member login and signup for your site.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Email us at [security@ghost.org](mailto:security@ghost.org)", "references": [ { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr" }, { "reference_url": "https://github.com/advisories/GHSA-65p7-pjj8-ggmr", "reference_id": "GHSA-65p7-pjj8-ggmr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-65p7-pjj8-ggmr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/382607?format=api", "purl": "pkg:npm/ghost@3.42.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-322u-tcye-huf9" }, { "vulnerability": "VCID-744d-rhkz-87fp" }, { "vulnerability": "VCID-c6w8-e895-yffy" }, { "vulnerability": "VCID-cv37-vmbh-hbge" }, { "vulnerability": "VCID-d6yk-x515-zqek" }, { "vulnerability": "VCID-kv7x-8p66-tqf3" }, { "vulnerability": "VCID-uv9z-tvr6-7ugm" }, { "vulnerability": "VCID-v17s-qgdp-cyan" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@3.42.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/516742?format=api", "purl": "pkg:npm/ghost@4.0.0-alpha.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-322u-tcye-huf9" }, { "vulnerability": "VCID-744d-rhkz-87fp" }, { "vulnerability": "VCID-c6w8-e895-yffy" }, { "vulnerability": "VCID-cncs-9zzp-q7b1" }, { "vulnerability": "VCID-cv37-vmbh-hbge" }, { "vulnerability": "VCID-d6yk-x515-zqek" }, { "vulnerability": "VCID-kv7x-8p66-tqf3" }, { "vulnerability": "VCID-uv9z-tvr6-7ugm" }, { "vulnerability": "VCID-v17s-qgdp-cyan" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.0.0-alpha.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/382608?format=api", "purl": "pkg:npm/ghost@4.15.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-322u-tcye-huf9" }, { "vulnerability": "VCID-744d-rhkz-87fp" }, { "vulnerability": "VCID-c6w8-e895-yffy" }, { "vulnerability": "VCID-cv37-vmbh-hbge" }, { "vulnerability": "VCID-d6yk-x515-zqek" }, { "vulnerability": "VCID-kv7x-8p66-tqf3" }, { "vulnerability": "VCID-uv9z-tvr6-7ugm" }, { "vulnerability": "VCID-v17s-qgdp-cyan" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.15.1" } ], "aliases": [ "GHSA-65p7-pjj8-ggmr", "GMS-2021-181" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s9t5-skgx-u3hw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74005?format=api", "vulnerability_id": "VCID-uv9z-tvr6-7ugm", "summary": "Ghost is a Node.js content management system. From version 0.7.2 to 6.19.0, specifically crafted malicious themes can execute arbitrary code on the server running Ghost. This issue has been patched in version 6.19.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-29053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09327", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09318", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09328", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09276", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-29053" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29053", "reference_id": "CVE-2026-29053", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29053" }, { "reference_url": "https://github.com/advisories/GHSA-cgc2-rcrh-qr5x", "reference_id": "GHSA-cgc2-rcrh-qr5x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cgc2-rcrh-qr5x" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-cgc2-rcrh-qr5x", "reference_id": "GHSA-cgc2-rcrh-qr5x", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T15:29:20Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-cgc2-rcrh-qr5x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/39368?format=api", "purl": "pkg:npm/ghost@6.19.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4chn-jutc-fue2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@6.19.1" } ], "aliases": [ "CVE-2026-29053", "GHSA-cgc2-rcrh-qr5x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uv9z-tvr6-7ugm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33647?format=api", "vulnerability_id": "VCID-v17s-qgdp-cyan", "summary": "Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29831", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29833", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29848", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29634", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23725" }, { "reference_url": "https://github.com/yunaycompany/Ghost/commit/64d67717f7c76c77b3908e15627f473e9ef34002", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/yunaycompany/Ghost/commit/64d67717f7c76c77b3908e15627f473e9ef34002" }, { "reference_url": "https://github.com/TryGhost/Ghost/pull/17190", "reference_id": "17190", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:42Z/" } ], "url": "https://github.com/TryGhost/Ghost/pull/17190" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23725", "reference_id": "CVE-2024-23725", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23725" }, { "reference_url": "https://github.com/advisories/GHSA-fh38-9fgr-454w", "reference_id": "GHSA-fh38-9fgr-454w", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fh38-9fgr-454w" }, { "reference_url": "https://github.com/TryGhost/Ghost/releases/tag/v5.76.0", "reference_id": "v5.76.0", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:42Z/" } ], "url": "https://github.com/TryGhost/Ghost/releases/tag/v5.76.0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/28506?format=api", "purl": "pkg:npm/ghost@5.76.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3u5f-347g-a7cz" }, { "vulnerability": "VCID-744d-rhkz-87fp" }, { "vulnerability": "VCID-cv37-vmbh-hbge" }, { "vulnerability": "VCID-f173-31n6-73fu" }, { "vulnerability": "VCID-uv9z-tvr6-7ugm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.76.0" } ], "aliases": [ "CVE-2024-23725", "GHSA-fh38-9fgr-454w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v17s-qgdp-cyan" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@3.39.0" }