Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/534540?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/534540?format=api", "purl": "pkg:npm/ghost@4.6.5", "type": "npm", "namespace": "", "name": "ghost", "version": "4.6.5", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "6.19.3", "latest_non_vulnerable_version": "6.19.3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50641?format=api", "vulnerability_id": "VCID-3ccc-5hyx-8bfy", "summary": "Ghost Vulnerable to Remote Code Execution via Malicious Themes\nSpecifically crafted malicious themes can execute arbitrary code on the server running Ghost.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-29053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0922", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09191", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09162", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0924", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09221", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-29053" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29053", "reference_id": "CVE-2026-29053", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29053" }, { "reference_url": "https://github.com/advisories/GHSA-cgc2-rcrh-qr5x", "reference_id": "GHSA-cgc2-rcrh-qr5x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cgc2-rcrh-qr5x" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-cgc2-rcrh-qr5x", "reference_id": "GHSA-cgc2-rcrh-qr5x", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T15:29:20Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-cgc2-rcrh-qr5x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74127?format=api", "purl": "pkg:npm/ghost@6.19.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rdn5-yatw-jfcf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@6.19.1" } ], "aliases": [ "CVE-2026-29053", "GHSA-cgc2-rcrh-qr5x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ccc-5hyx-8bfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41502?format=api", "vulnerability_id": "VCID-5rgb-wg1q-7kgz", "summary": "Member account takeover\n### Impact\n\nAn error in the implementation of the member email change functionality allows unauthenticated users to change the email address of arbitrary member accounts to one they control by crafting a request to the relevant API endpoint, and validating the new address via magic link sent to the new email address.\n\nGhost(Pro) has already been patched. Self-hosters are impacted if running Ghost a version between 3.18.0 and 4.15.0 with members functionality enabled.\n\n### Patches\n\nFixed in 4.15.1, all 4.x sites should upgrade as soon as possible.\nFixed in 3.42.6, all 3.x sites should upgrade as soon as possible.\n\n### Workarounds\n\nThe patch in 4.15.1 and 3.42.6 adds a new authenticated endpoint for updating member email addresses. Updating Ghost is the quickest complete solution.\n\nAs a workaround, if for any reason you cannot update your Ghost instance, you can block the `POST /members/api/send-magic-link/` endpoint, which will also disable member login and signup for your site.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Email us at [security@ghost.org](mailto:security@ghost.org)", "references": [ { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/advisories/GHSA-65p7-pjj8-ggmr", "reference_id": "GHSA-65p7-pjj8-ggmr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-65p7-pjj8-ggmr" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr", "reference_id": "GHSA-65p7-pjj8-ggmr", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59127?format=api", "purl": "pkg:npm/ghost@4.15.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-nz5j-jdbu-2bd2" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-qrjm-axkj-37c4" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.15.1" } ], "aliases": [ "GHSA-65p7-pjj8-ggmr", "GMS-2021-181" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5rgb-wg1q-7kgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41425?format=api", "vulnerability_id": "VCID-9gsp-g86r-5fbf", "summary": "Improper Privilege Management\nGhost is a Node.js content management system. An error in the implementation of the limits service allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability. As a workaround, disable all non-Administrator accounts to prevent API access. It is highly recommended to regenerate all API keys after patching or applying the workaround.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-39192", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67644", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67624", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67641", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67603", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67651", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-39192" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/releases/tag/v4.10.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/releases/tag/v4.10.0" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-j5c2-hm46-wp5c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-j5c2-hm46-wp5c" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39192", "reference_id": "CVE-2021-39192", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39192" }, { "reference_url": "https://github.com/advisories/GHSA-j5c2-hm46-wp5c", "reference_id": "GHSA-j5c2-hm46-wp5c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j5c2-hm46-wp5c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58918?format=api", "purl": "pkg:npm/ghost@4.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-5rgb-wg1q-7kgz" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-nz5j-jdbu-2bd2" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-qrjm-axkj-37c4" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" }, { "vulnerability": "VCID-wv6g-5a6k-gfhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.10.0" } ], "aliases": [ "CVE-2021-39192", "GHSA-j5c2-hm46-wp5c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9gsp-g86r-5fbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46996?format=api", "vulnerability_id": "VCID-ayht-7ufu-17fa", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nGhost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that \"The vendor does not view this as a valid vector.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23724", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38375", "scoring_system": "epss", "scoring_elements": "0.97326", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.38375", "scoring_system": "epss", "scoring_elements": "0.97325", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.38375", "scoring_system": "epss", "scoring_elements": "0.97323", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23724" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/pull/19646", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T17:17:21Z/" } ], "url": "https://github.com/TryGhost/Ghost/pull/19646" }, { "reference_url": "https://rhinosecuritylabs.com/blog", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhinosecuritylabs.com/blog" }, { "reference_url": "https://rhinosecuritylabs.com/blog/", "reference_id": "blog", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T17:17:21Z/" } ], "url": "https://rhinosecuritylabs.com/blog/" }, { "reference_url": "https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2024-23724", "reference_id": "CVE-2024-23724", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T17:17:21Z/" } ], "url": "https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2024-23724" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23724", "reference_id": "CVE-2024-23724", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23724" }, { "reference_url": "https://github.com/advisories/GHSA-99vc-xw8j-phjm", "reference_id": "GHSA-99vc-xw8j-phjm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-99vc-xw8j-phjm" } ], "fixed_packages": [], "aliases": [ "CVE-2024-23724", "GHSA-99vc-xw8j-phjm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ayht-7ufu-17fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46868?format=api", "vulnerability_id": "VCID-gdm7-4ufz-kydq", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nGhost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29619", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.296", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29688", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29652", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29586", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23725" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/pull/17190", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:42Z/" } ], "url": "https://github.com/TryGhost/Ghost/pull/17190" }, { "reference_url": "https://github.com/TryGhost/Ghost/releases/tag/v5.76.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:42Z/" } ], "url": "https://github.com/TryGhost/Ghost/releases/tag/v5.76.0" }, { "reference_url": "https://github.com/yunaycompany/Ghost/commit/64d67717f7c76c77b3908e15627f473e9ef34002", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/yunaycompany/Ghost/commit/64d67717f7c76c77b3908e15627f473e9ef34002" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23725", "reference_id": "CVE-2024-23725", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23725" }, { "reference_url": "https://github.com/advisories/GHSA-fh38-9fgr-454w", "reference_id": "GHSA-fh38-9fgr-454w", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fh38-9fgr-454w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/68571?format=api", "purl": "pkg:npm/ghost@5.76.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-fjk7-enzv-a7hm" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.76.0" } ], "aliases": [ "CVE-2024-23725", "GHSA-fh38-9fgr-454w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gdm7-4ufz-kydq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45132?format=api", "vulnerability_id": "VCID-gnc6-cpen-4fd7", "summary": "Ghost vulnerable to information disclosure of private API fields\n### Impact\n\nDue to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack.\n\nGhost(Pro) has already been patched. We can find no evidence that the issue was exploited on Ghost(Pro) prior to the patch being added.\n\nSelf-hosters are impacted if running Ghost a version below v5.46.1. Immediate action should be taken to secure your site - see patches and workarounds below.\n\n### Patches\n\nv5.46.1 contains a fix for this issue.\n\n### Workarounds\n\nAdd a block for requests to `/ghost/api/content/*` where the `filter` query parameter contains `password` or `email`.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Email us at [security@ghost.org](mailto:security@ghost.org)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-31133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06897", "scoring_system": "epss", "scoring_elements": "0.91552", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.06897", "scoring_system": "epss", "scoring_elements": "0.91556", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.06897", "scoring_system": "epss", "scoring_elements": "0.91555", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.06897", "scoring_system": "epss", "scoring_elements": "0.91558", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0717", "scoring_system": "epss", "scoring_elements": "0.91743", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-31133" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/b3caf16005289cc9909488391b4a26f3f4a66a90", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T14:53:14Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/b3caf16005289cc9909488391b4a26f3f4a66a90" }, { "reference_url": "https://github.com/TryGhost/Ghost/releases/tag/v5.46.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T14:53:14Z/" } ], "url": "https://github.com/TryGhost/Ghost/releases/tag/v5.46.1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31133", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31133" }, { "reference_url": "https://github.com/advisories/GHSA-r97q-ghch-82j9", "reference_id": "GHSA-r97q-ghch-82j9", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r97q-ghch-82j9" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9", "reference_id": "GHSA-r97q-ghch-82j9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T14:53:14Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65060?format=api", "purl": "pkg:npm/ghost@5.46.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-fjk7-enzv-a7hm" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.46.1" } ], "aliases": [ "CVE-2023-31133", "GHSA-r97q-ghch-82j9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gnc6-cpen-4fd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/110813?format=api", "vulnerability_id": "VCID-nz5j-jdbu-2bd2", "summary": "Ghost vulnerable to remote code execution in locale setting change\n### Impact\n\nA [vulnerability](https://www.cve.org/CVERecord?id=CVE-2022-24785) in an upstream library means an authenticated attacker can abuse locale input to execute arbitrary commands from a file that has previously been uploaded using the file upload functionality in the post editor.\n\n### Patches\n\nFixed in 5.2.3, all 5.x sites should update as soon as possible.\nFixed in 4.48.2, all 4.x sites should update as soon as possible.\n\n### Workarounds\n\nPatched versions of Ghost add validation to the locale input to prevent execution of arbitrary files. Updating Ghost is the quickest complete solution.\n\nAs a workaround, if for any reason you cannot update your Ghost instance, you can block the `POST /ghost/api/admin/settings/` endpoint, which will also disable updating settings for your site.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Email us at [security@ghost.org](mailto:security@ghost.org)\n\n### Credits\n\n* devx00 - https://twitter.com/devx00", "references": [ { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-7v28-g2pq-ggg8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-7v28-g2pq-ggg8" }, { "reference_url": "https://github.com/advisories/GHSA-7v28-g2pq-ggg8", "reference_id": "GHSA-7v28-g2pq-ggg8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7v28-g2pq-ggg8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/149589?format=api", "purl": "pkg:npm/ghost@4.48.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-qrjm-axkj-37c4" }, { "vulnerability": "VCID-veks-j6ht-hyga" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.48.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/149590?format=api", "purl": "pkg:npm/ghost@5.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-qrjm-axkj-37c4" }, { "vulnerability": "VCID-veks-j6ht-hyga" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.2.3" } ], "aliases": [ "GHSA-7v28-g2pq-ggg8", "GMS-2022-2237" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nz5j-jdbu-2bd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45843?format=api", "vulnerability_id": "VCID-q9ty-mpku-13fg", "summary": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\nGhost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's `content/` folder. Version 5.59.1 contains a fix for this issue. All users are advised to upgrade. There are no known workarounds for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40028", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.77606", "scoring_system": "epss", "scoring_elements": "0.99009", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.77606", "scoring_system": "epss", "scoring_elements": "0.9901", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.77606", "scoring_system": "epss", "scoring_elements": "0.99011", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40028" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/690fbf3f7302ff3f77159c0795928bdd20f41205", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T17:45:27Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/690fbf3f7302ff3f77159c0795928bdd20f41205" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52409.py", "reference_id": "CVE-2023-40028", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52409.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40028", "reference_id": "CVE-2023-40028", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40028" }, { "reference_url": "https://github.com/advisories/GHSA-9c9v-w225-v5rg", "reference_id": "GHSA-9c9v-w225-v5rg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9c9v-w225-v5rg" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-9c9v-w225-v5rg", "reference_id": "GHSA-9c9v-w225-v5rg", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T17:45:27Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-9c9v-w225-v5rg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/66563?format=api", "purl": "pkg:npm/ghost@5.59.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-fjk7-enzv-a7hm" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.59.1" } ], "aliases": [ "CVE-2023-40028", "GHSA-9c9v-w225-v5rg" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q9ty-mpku-13fg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45123?format=api", "vulnerability_id": "VCID-qrjm-axkj-37c4", "summary": "Path Traversal in Ghost\nGhost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32235", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94094", "scoring_system": "epss", "scoring_elements": "0.99911", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32235" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T16:27:01Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f" }, { "reference_url": "https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T16:27:01Z/" } ], "url": "https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52408.py", "reference_id": "CVE-2023-32235", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52408.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32235", "reference_id": "CVE-2023-32235", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32235" }, { "reference_url": "https://github.com/advisories/GHSA-wf7x-fh6w-34r6", "reference_id": "GHSA-wf7x-fh6w-34r6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wf7x-fh6w-34r6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65054?format=api", "purl": "pkg:npm/ghost@5.42.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.42.1" } ], "aliases": [ "CVE-2023-32235", "GHSA-wf7x-fh6w-34r6" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qrjm-axkj-37c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50233?format=api", "vulnerability_id": "VCID-vmjp-z3ex-eqcr", "summary": "Ghost has a SQL injection in Content API\nA SQL injection vulnerability existed in Ghost's Content API that allowed unauthenticated attackers to read arbitrary data from the database.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.56657", "scoring_system": "epss", "scoring_elements": "0.98163", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.56657", "scoring_system": "epss", "scoring_elements": "0.98164", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26980" }, { "reference_url": "https://blog.xlab.qianxin.com/ghost-cms-page-poisoning-cve-2026-26980", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.xlab.qianxin.com/ghost-cms-page-poisoning-cve-2026-26980" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/30868d632b2252b638bc8a4c8ebf73964592ed91", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/30868d632b2252b638bc8a4c8ebf73964592ed91" }, { "reference_url": "https://github.com/TryGhost/Ghost/releases/tag/v6.19.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/" } ], "url": "https://github.com/TryGhost/Ghost/releases/tag/v6.19.1" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52555.txt", "reference_id": "CVE-2026-26980", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52555.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26980", "reference_id": "CVE-2026-26980", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26980" }, { "reference_url": "https://github.com/advisories/GHSA-w52v-v783-gw97", "reference_id": "GHSA-w52v-v783-gw97", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w52v-v783-gw97" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-w52v-v783-gw97", "reference_id": "GHSA-w52v-v783-gw97", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-w52v-v783-gw97" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74127?format=api", "purl": "pkg:npm/ghost@6.19.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rdn5-yatw-jfcf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@6.19.1" } ], "aliases": [ "CVE-2026-26980", "GHSA-w52v-v783-gw97" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vmjp-z3ex-eqcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41486?format=api", "vulnerability_id": "VCID-wv6g-5a6k-gfhp", "summary": "Remote command injection when using sendmail email transport\n### Impact\n\nSites using the `sendmail` transport as part of their `mail` config are vulnerable to remote command injection due to a [vulnerability](https://github.com/advisories/GHSA-48ww-j4fc-435p) in the `nodemailer` dependency.\n\nGhost defaults to the `direct` transport so this is only exploitable if the `sendmail` transport is explicitly used.\n\n### Patches\n\nFixed in 4.15.0, all sites should upgrade as soon as possible.\n\n### Workarounds\n\n* Use an alternative email transport as described in the [docs](https://ghost.org/docs/config/#mail). \n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* email us at security@ghost.org", "references": [ { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/93e4b2eafd18bc8e4c17924e0824e73617e7940c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/commit/93e4b2eafd18bc8e4c17924e0824e73617e7940c" }, { "reference_url": "https://github.com/advisories/GHSA-48ww-j4fc-435p", "reference_id": "GHSA-48ww-j4fc-435p", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-48ww-j4fc-435p" }, { "reference_url": "https://github.com/advisories/GHSA-wfrj-qqc2-83cm", "reference_id": "GHSA-wfrj-qqc2-83cm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wfrj-qqc2-83cm" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-wfrj-qqc2-83cm", "reference_id": "GHSA-wfrj-qqc2-83cm", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-wfrj-qqc2-83cm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59045?format=api", "purl": "pkg:npm/ghost@4.15.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-5rgb-wg1q-7kgz" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-nz5j-jdbu-2bd2" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-qrjm-axkj-37c4" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.15.0" } ], "aliases": [ "GHSA-wfrj-qqc2-83cm", "GMS-2021-182" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wv6g-5a6k-gfhp" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.6.5" }