ctipilot.ch

Ghost CMS Content API unauthenticated SQLi (CVE-2026-26980) mass-exploited in ClickFix campaign

cve · CVE-2026-26980

Coverage timeline: 3 (first 2026-05-25 → last 2026-05-25)
Briefs: 1 (1 distinct)
Sources cited: 15 (9 hosts)
Sections touched: 3 (active_threats, deep_dive, trending_vulns)
Co-occurring entities: 1 (see Related entities below)

Story timeline

  1. 2026-05-25 · CTI Daily Brief — 2026-05-25 · active_threats: 700+ self-hosted Ghost sites compromised; admin API key theft to JS injection to ClickFix lure (Harvard/Oxford/Auburn/DuckDuckGo named)
  2. 2026-05-25 · CTI Daily Brief — 2026-05-25 · trending_vulns: CVSS 9.4 pre-auth SQLi in Content API slug filter; affected 3.24.0-6.19.0, fixed 6.19.1; ITW exploited
  3. 2026-05-25 · CTI Daily Brief — 2026-05-25 · deep_dive: full SQLi to admin-key to content-injection to ClickFix kill chain with ATT&CK + detection

Where this entity is cited

  • active_threats: 1
  • trending_vulns: 1
  • deep_dive: 1

Source distribution

  • attack.mitre.org: 6 (40%)
  • thehackernews.com: 2 (13%)
  • bleepingcomputer.com: 1 (7%)
  • blog.xlab.qianxin.com: 1 (7%)
  • github.com: 1 (7%)
  • microsoft.com: 1 (7%)
  • scworld.com: 1 (7%)
  • securityweek.com: 1 (7%)
  • other: 1 (7%)

Related entities

External references

NVD · cve.org · CISA KEV

Items in briefs about Ghost CMS Content API unauthenticated SQLi (CVE-2026-26980) mass-exploited in ClickFix campaign (1)

CVE-2026-26980 — Ghost CMS Content API: unauthenticated blind SQL injection in the `slug` filter, actively exploited

From CTI Daily Brief — 2026-05-25 · published 2026-05-25 · view item permalink →

CVE-2026-26980 is an unauthenticated SQL injection (CWE-89) scored CVSS 9.4 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L) in Ghost's Content API. The defect sits in the handling of the slug filter parameter, which is interpolated into a raw SQL fragment without parameterisation; a remote attacker with no authentication can perform boolean-based blind extraction of arbitrary database contents — critically the admin API key, which then grants full content-management scope over articles, themes and users (GitHub Security Advisory GHSA-w52v-v783-gw97). Affected versions span Ghost 3.24.0 through 6.19.0 (a roughly three-year release range); the fix shipped in 6.19.1 on 19 February 2026. Ghost(Pro) cloud instances were patched server-side; self-hosted operators must upgrade themselves, which is the exposed long tail the current campaign targets (BleepingComputer, 2026-05-24).

The CVE clears the § 2 bar on exploitation: SentinelOne documented in-the-wild exploitation as early as 27 February, and XLab confirmed the present large-scale wave (700+ compromised domains) on 21 May (XLab Qianxin, 2026-05-21). Mitigation: upgrade to 6.19.1 or later. Interim compensating controls — block Content API requests whose query string contains `slug:[` (URL-encoded `slug%3A%5B`) at the WAF, and restrict or disable the public Content API to trusted origins; the vendor mitigation targets exactly that request pattern. Because the admin API key is the exfiltration target, treat it as compromised on any exposed instance and rotate it after patching, then audit posts and themes for injected JavaScript. Full kill chain and detection in § 5.
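To check whether an exposed instance has already seen the request pattern the interim mitigation blocks, the following added example (not code from Ghost or from the brief) scans web-server access logs for Content API requests whose query string carries `slug:[`, literally, URL-encoded or double-encoded. The combined log format, the `/ghost/api/.../content/` path shape and the sample lines are assumptions constructed for the demo.

```python
"""Flag Ghost Content API requests carrying the `slug:[` filter pattern that the
CVE-2026-26980 interim WAF mitigation targets.  Added example for this brief;
not Ghost's code.  Log format, API path prefix and sample lines are assumptions."""
import re
from urllib.parse import urlsplit, unquote

# Combined-format access log: client IP first, then the quoted request line (assumption).
LOG_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
API_PREFIX = "/ghost/api/"          # Ghost API base path (assumption)
PATTERN = "slug:["                  # request pattern named in the vendor mitigation

def is_suspect(target: str) -> bool:
    """True when a Content API request's query string contains `slug:[`,
    literally or URL-encoded (decoded up to twice to catch double encoding)."""
    parts = urlsplit(target)
    if not (parts.path.startswith(API_PREFIX) and "/content/" in parts.path):
        return False
    query = parts.query
    for _ in range(3):
        if PATTERN in query.lower():
            return True
        decoded = unquote(query)
        if decoded == query:        # nothing left to decode
            break
        query = decoded
    return False

def scan_log(lines):
    """Return (ip, request target) for every log line whose request matches."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_suspect(m.group("target")):
            hits.append((m.group("ip"), m.group("target")))
    return hits

# Constructed sample lines (RFC 5737 addresses, API key redacted); not real traffic.
SAMPLE_LOG = [
    '203.0.113.10 - - [21/May/2026:10:02:11 +0000] "GET /ghost/api/content/posts/?key=REDACTED&filter=slug%3A%5Bwelcome%5D HTTP/1.1" 200 512 "-" "curl/8.0"',
    '198.51.100.7 - - [21/May/2026:10:02:12 +0000] "GET /ghost/api/content/posts/?key=REDACTED&limit=5 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '203.0.113.10 - - [21/May/2026:10:02:13 +0000] "GET /ghost/api/content/pages/?key=REDACTED&filter=slug%253A%255Bwelcome%255D HTTP/1.1" 200 480 "-" "curl/8.0"',
    '192.0.2.5 - - [21/May/2026:10:02:14 +0000] "GET /about/?filter=slug:[x] HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [21/May/2026:10:02:15 +0000] "GET /ghost/api/content/posts/?key=REDACTED&filter=slug:welcome HTTP/1.1" 200 700 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, target in scan_log(SAMPLE_LOG):
        print(f"SUSPECT {ip} {target}")
```

Legitimate themes and integrations can issue the same `slug:[...]` "in" filter, so review hits (source IP, volume, response sizes) before turning the match into a block rule.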

CVE Summary Table

| CVE | Product | CVSS | EPSS | KEV | Exploited | Patch | Source |
| --- | --- | --- | --- | --- | --- | --- | --- |
| CVE-2026-26980 | Ghost CMS (Content API) | 9.4 | n/a | No | Yes (ITW, 700+ sites) | v6.19.1 | GHSA-w52v-v783-gw97 |