Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/536149?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/536149?format=api", "purl": "pkg:npm/ghost@3.41.6", "type": "npm", "namespace": "", "name": "ghost", "version": "3.41.6", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "6.19.3", "latest_non_vulnerable_version": "6.19.3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50641?format=api", "vulnerability_id": "VCID-3ccc-5hyx-8bfy", "summary": "Ghost Vulnerable to Remote Code Execution via Malicious Themes\nSpecifically crafted malicious themes can execute arbitrary code on the server running Ghost.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-29053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0922", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09191", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09162", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0924", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09221", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-29053" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29053", "reference_id": "CVE-2026-29053", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29053" }, { "reference_url": "https://github.com/advisories/GHSA-cgc2-rcrh-qr5x", "reference_id": "GHSA-cgc2-rcrh-qr5x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cgc2-rcrh-qr5x" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-cgc2-rcrh-qr5x", "reference_id": "GHSA-cgc2-rcrh-qr5x", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T15:29:20Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-cgc2-rcrh-qr5x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74127?format=api", "purl": "pkg:npm/ghost@6.19.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rdn5-yatw-jfcf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@6.19.1" } ], "aliases": [ "CVE-2026-29053", "GHSA-cgc2-rcrh-qr5x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ccc-5hyx-8bfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41502?format=api", "vulnerability_id": "VCID-5rgb-wg1q-7kgz", "summary": "Member account takeover\n### Impact\n\nAn error in the implementation of the member email change functionality allows unauthenticated users to change the email address of arbitrary member accounts to one they control by crafting a request to the relevant API endpoint, and validating the new address via magic link sent to the new email address.\n\nGhost(Pro) has already been patched. Self-hosters are impacted if running Ghost a version between 3.18.0 and 4.15.0 with members functionality enabled.\n\n### Patches\n\nFixed in 4.15.1, all 4.x sites should upgrade as soon as possible.\nFixed in 3.42.6, all 3.x sites should upgrade as soon as possible.\n\n### Workarounds\n\nThe patch in 4.15.1 and 3.42.6 adds a new authenticated endpoint for updating member email addresses. Updating Ghost is the quickest complete solution.\n\nAs a workaround, if for any reason you cannot update your Ghost instance, you can block the `POST /members/api/send-magic-link/` endpoint, which will also disable member login and signup for your site.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Email us at [security@ghost.org](mailto:security@ghost.org)", "references": [ { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/advisories/GHSA-65p7-pjj8-ggmr", "reference_id": "GHSA-65p7-pjj8-ggmr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-65p7-pjj8-ggmr" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr", "reference_id": "GHSA-65p7-pjj8-ggmr", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59126?format=api", "purl": "pkg:npm/ghost@3.42.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-nz5j-jdbu-2bd2" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-qrjm-axkj-37c4" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@3.42.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/536159?format=api", "purl": "pkg:npm/ghost@4.0.0-alpha.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-nz5j-jdbu-2bd2" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-qrjm-axkj-37c4" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" }, { "vulnerability": "VCID-wv6g-5a6k-gfhp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.0.0-alpha.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/59127?format=api", "purl": "pkg:npm/ghost@4.15.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-nz5j-jdbu-2bd2" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-qrjm-axkj-37c4" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.15.1" } ], "aliases": [ "GHSA-65p7-pjj8-ggmr", "GMS-2021-181" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5rgb-wg1q-7kgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46996?format=api", "vulnerability_id": "VCID-ayht-7ufu-17fa", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nGhost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that \"The vendor does not view this as a valid vector.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23724", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38375", "scoring_system": "epss", "scoring_elements": "0.97326", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.38375", "scoring_system": "epss", "scoring_elements": "0.97325", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.38375", "scoring_system": "epss", "scoring_elements": "0.97323", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23724" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/pull/19646", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T17:17:21Z/" } ], "url": "https://github.com/TryGhost/Ghost/pull/19646" }, { "reference_url": "https://rhinosecuritylabs.com/blog", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhinosecuritylabs.com/blog" }, { "reference_url": "https://rhinosecuritylabs.com/blog/", "reference_id": "blog", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T17:17:21Z/" } ], "url": "https://rhinosecuritylabs.com/blog/" }, { "reference_url": "https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2024-23724", "reference_id": "CVE-2024-23724", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T17:17:21Z/" } ], "url": "https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2024-23724" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23724", "reference_id": "CVE-2024-23724", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23724" }, { "reference_url": "https://github.com/advisories/GHSA-99vc-xw8j-phjm", "reference_id": "GHSA-99vc-xw8j-phjm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-99vc-xw8j-phjm" } ], "fixed_packages": [], "aliases": [ "CVE-2024-23724", "GHSA-99vc-xw8j-phjm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ayht-7ufu-17fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46868?format=api", "vulnerability_id": "VCID-gdm7-4ufz-kydq", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nGhost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29619", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.296", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29688", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29652", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29586", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23725" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/pull/17190", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:42Z/" } ], "url": "https://github.com/TryGhost/Ghost/pull/17190" }, { "reference_url": "https://github.com/TryGhost/Ghost/releases/tag/v5.76.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:42Z/" } ], "url": "https://github.com/TryGhost/Ghost/releases/tag/v5.76.0" }, { "reference_url": "https://github.com/yunaycompany/Ghost/commit/64d67717f7c76c77b3908e15627f473e9ef34002", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/yunaycompany/Ghost/commit/64d67717f7c76c77b3908e15627f473e9ef34002" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23725", "reference_id": "CVE-2024-23725", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23725" }, { "reference_url": "https://github.com/advisories/GHSA-fh38-9fgr-454w", "reference_id": "GHSA-fh38-9fgr-454w", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fh38-9fgr-454w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/68571?format=api", "purl": "pkg:npm/ghost@5.76.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-fjk7-enzv-a7hm" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.76.0" } ], "aliases": [ "CVE-2024-23725", "GHSA-fh38-9fgr-454w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gdm7-4ufz-kydq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45132?format=api", "vulnerability_id": "VCID-gnc6-cpen-4fd7", "summary": "Ghost vulnerable to information disclosure of private API fields\n### Impact\n\nDue to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack.\n\nGhost(Pro) has already been patched. We can find no evidence that the issue was exploited on Ghost(Pro) prior to the patch being added.\n\nSelf-hosters are impacted if running Ghost a version below v5.46.1. Immediate action should be taken to secure your site - see patches and workarounds below.\n\n### Patches\n\nv5.46.1 contains a fix for this issue.\n\n### Workarounds\n\nAdd a block for requests to `/ghost/api/content/*` where the `filter` query parameter contains `password` or `email`.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Email us at [security@ghost.org](mailto:security@ghost.org)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-31133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06897", "scoring_system": "epss", "scoring_elements": "0.91552", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.06897", "scoring_system": "epss", "scoring_elements": "0.91556", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.06897", "scoring_system": "epss", "scoring_elements": "0.91555", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.06897", "scoring_system": "epss", "scoring_elements": "0.91558", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0717", "scoring_system": "epss", "scoring_elements": "0.91743", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-31133" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/b3caf16005289cc9909488391b4a26f3f4a66a90", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T14:53:14Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/b3caf16005289cc9909488391b4a26f3f4a66a90" }, { "reference_url": "https://github.com/TryGhost/Ghost/releases/tag/v5.46.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T14:53:14Z/" } ], "url": "https://github.com/TryGhost/Ghost/releases/tag/v5.46.1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31133", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31133" }, { "reference_url": "https://github.com/advisories/GHSA-r97q-ghch-82j9", "reference_id": "GHSA-r97q-ghch-82j9", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r97q-ghch-82j9" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9", "reference_id": "GHSA-r97q-ghch-82j9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T14:53:14Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65060?format=api", "purl": "pkg:npm/ghost@5.46.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-fjk7-enzv-a7hm" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.46.1" } ], "aliases": [ "CVE-2023-31133", "GHSA-r97q-ghch-82j9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gnc6-cpen-4fd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/110813?format=api", "vulnerability_id": "VCID-nz5j-jdbu-2bd2", "summary": "Ghost vulnerable to remote code execution in locale setting change\n### Impact\n\nA [vulnerability](https://www.cve.org/CVERecord?id=CVE-2022-24785) in an upstream library means an authenticated attacker can abuse locale input to execute arbitrary commands from a file that has previously been uploaded using the file upload functionality in the post editor.\n\n### Patches\n\nFixed in 5.2.3, all 5.x sites should update as soon as possible.\nFixed in 4.48.2, all 4.x sites should update as soon as possible.\n\n### Workarounds\n\nPatched versions of Ghost add validation to the locale input to prevent execution of arbitrary files. Updating Ghost is the quickest complete solution.\n\nAs a workaround, if for any reason you cannot update your Ghost instance, you can block the `POST /ghost/api/admin/settings/` endpoint, which will also disable updating settings for your site.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Email us at [security@ghost.org](mailto:security@ghost.org)\n\n### Credits\n\n* devx00 - https://twitter.com/devx00", "references": [ { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-7v28-g2pq-ggg8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-7v28-g2pq-ggg8" }, { "reference_url": "https://github.com/advisories/GHSA-7v28-g2pq-ggg8", "reference_id": "GHSA-7v28-g2pq-ggg8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7v28-g2pq-ggg8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/149589?format=api", "purl": "pkg:npm/ghost@4.48.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-qrjm-axkj-37c4" }, { "vulnerability": "VCID-veks-j6ht-hyga" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.48.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/149590?format=api", "purl": "pkg:npm/ghost@5.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-qrjm-axkj-37c4" }, { "vulnerability": "VCID-veks-j6ht-hyga" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.2.3" } ], "aliases": [ "GHSA-7v28-g2pq-ggg8", "GMS-2022-2237" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nz5j-jdbu-2bd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45843?format=api", "vulnerability_id": "VCID-q9ty-mpku-13fg", "summary": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\nGhost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's `content/` folder. Version 5.59.1 contains a fix for this issue. All users are advised to upgrade. There are no known workarounds for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40028", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.77606", "scoring_system": "epss", "scoring_elements": "0.99009", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.77606", "scoring_system": "epss", "scoring_elements": "0.9901", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.77606", "scoring_system": "epss", "scoring_elements": "0.99011", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40028" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/690fbf3f7302ff3f77159c0795928bdd20f41205", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T17:45:27Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/690fbf3f7302ff3f77159c0795928bdd20f41205" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52409.py", "reference_id": "CVE-2023-40028", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52409.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40028", "reference_id": "CVE-2023-40028", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40028" }, { "reference_url": "https://github.com/advisories/GHSA-9c9v-w225-v5rg", "reference_id": "GHSA-9c9v-w225-v5rg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9c9v-w225-v5rg" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-9c9v-w225-v5rg", "reference_id": "GHSA-9c9v-w225-v5rg", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T17:45:27Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-9c9v-w225-v5rg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/66563?format=api", "purl": "pkg:npm/ghost@5.59.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-fjk7-enzv-a7hm" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.59.1" } ], "aliases": [ "CVE-2023-40028", "GHSA-9c9v-w225-v5rg" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q9ty-mpku-13fg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45123?format=api", "vulnerability_id": "VCID-qrjm-axkj-37c4", "summary": "Path Traversal in Ghost\nGhost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32235", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94094", "scoring_system": "epss", "scoring_elements": "0.99911", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32235" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T16:27:01Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f" }, { "reference_url": "https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T16:27:01Z/" } ], "url": "https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52408.py", "reference_id": "CVE-2023-32235", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52408.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32235", "reference_id": "CVE-2023-32235", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32235" }, { "reference_url": "https://github.com/advisories/GHSA-wf7x-fh6w-34r6", "reference_id": "GHSA-wf7x-fh6w-34r6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wf7x-fh6w-34r6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65054?format=api", "purl": "pkg:npm/ghost@5.42.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-gre3-rvmc-yfex" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@5.42.1" } ], "aliases": [ "CVE-2023-32235", "GHSA-wf7x-fh6w-34r6" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qrjm-axkj-37c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50233?format=api", "vulnerability_id": "VCID-vmjp-z3ex-eqcr", "summary": "Ghost has a SQL injection in Content API\nA SQL injection vulnerability existed in Ghost's Content API that allowed unauthenticated attackers to read arbitrary data from the database.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.56657", "scoring_system": "epss", "scoring_elements": "0.98163", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.56657", "scoring_system": "epss", "scoring_elements": "0.98164", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26980" }, { "reference_url": "https://blog.xlab.qianxin.com/ghost-cms-page-poisoning-cve-2026-26980", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.xlab.qianxin.com/ghost-cms-page-poisoning-cve-2026-26980" }, { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/30868d632b2252b638bc8a4c8ebf73964592ed91", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/" } ], "url": "https://github.com/TryGhost/Ghost/commit/30868d632b2252b638bc8a4c8ebf73964592ed91" }, { "reference_url": "https://github.com/TryGhost/Ghost/releases/tag/v6.19.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/" } ], "url": "https://github.com/TryGhost/Ghost/releases/tag/v6.19.1" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52555.txt", "reference_id": "CVE-2026-26980", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52555.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26980", "reference_id": "CVE-2026-26980", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26980" }, { "reference_url": "https://github.com/advisories/GHSA-w52v-v783-gw97", "reference_id": "GHSA-w52v-v783-gw97", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w52v-v783-gw97" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-w52v-v783-gw97", "reference_id": "GHSA-w52v-v783-gw97", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:30:19Z/" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-w52v-v783-gw97" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74127?format=api", "purl": "pkg:npm/ghost@6.19.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rdn5-yatw-jfcf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@6.19.1" } ], "aliases": [ "CVE-2026-26980", "GHSA-w52v-v783-gw97" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vmjp-z3ex-eqcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41486?format=api", "vulnerability_id": "VCID-wv6g-5a6k-gfhp", "summary": "Remote command injection when using sendmail email transport\n### Impact\n\nSites using the `sendmail` transport as part of their `mail` config are vulnerable to remote command injection due to a [vulnerability](https://github.com/advisories/GHSA-48ww-j4fc-435p) in the `nodemailer` dependency.\n\nGhost defaults to the `direct` transport so this is only exploitable if the `sendmail` transport is explicitly used.\n\n### Patches\n\nFixed in 4.15.0, all sites should upgrade as soon as possible.\n\n### Workarounds\n\n* Use an alternative email transport as described in the [docs](https://ghost.org/docs/config/#mail). \n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* email us at security@ghost.org", "references": [ { "reference_url": "https://github.com/TryGhost/Ghost", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost" }, { "reference_url": "https://github.com/TryGhost/Ghost/commit/93e4b2eafd18bc8e4c17924e0824e73617e7940c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/commit/93e4b2eafd18bc8e4c17924e0824e73617e7940c" }, { "reference_url": "https://github.com/advisories/GHSA-48ww-j4fc-435p", "reference_id": "GHSA-48ww-j4fc-435p", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-48ww-j4fc-435p" }, { "reference_url": "https://github.com/advisories/GHSA-wfrj-qqc2-83cm", "reference_id": "GHSA-wfrj-qqc2-83cm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wfrj-qqc2-83cm" }, { "reference_url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-wfrj-qqc2-83cm", "reference_id": "GHSA-wfrj-qqc2-83cm", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-wfrj-qqc2-83cm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59045?format=api", "purl": "pkg:npm/ghost@4.15.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ccc-5hyx-8bfy" }, { "vulnerability": "VCID-5rgb-wg1q-7kgz" }, { "vulnerability": "VCID-ayht-7ufu-17fa" }, { "vulnerability": "VCID-gdm7-4ufz-kydq" }, { "vulnerability": "VCID-gnc6-cpen-4fd7" }, { "vulnerability": "VCID-nz5j-jdbu-2bd2" }, { "vulnerability": "VCID-q9ty-mpku-13fg" }, { "vulnerability": "VCID-qrjm-axkj-37c4" }, { "vulnerability": "VCID-vmjp-z3ex-eqcr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@4.15.0" } ], "aliases": [ "GHSA-wfrj-qqc2-83cm", "GMS-2021-182" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wv6g-5a6k-gfhp" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/ghost@3.41.6" }