Ghost CMS Exploits Surge Through Unpatched SQLi Flaw
Source: Aicerts.Ai
Published:
<p>Researchers at QiAnXin XLab first detected unusual traffic on 7 May 2026. Subsequently, they linked the spikes to automated Ghost CMS Exploits targeting the Content API. The patch for CVE-2026-26980 had been available since 16 February 2026. Nevertheless, many site owners delayed upgrades. Moreov