Skip to content

CVE lookup

CVE-2026-26980

Pruva has a verified reproduction for CVE-2026-26980: Ghost CMS: Unauthenticated SQL Injection in Content API Slug Filter. The canonical evidence record is REPRO-2026-00091.

REPRO

REPRO-2026-00091

Package

ghost · npm

Severity

CRITICAL

Status

published