ghost-cms

May 24, 2026

Ghost CMS SQL Injection CVE-2026-26980 Exploited

CVE-2026-26980 in Ghost CMS is being actively exploited in a ClickFix campaign hitting 700+ domains. Here's what happened and how to protect your site.