CVE-2026-26980 being exploited
Source: www.sentinelone.com
Published:
<p>CVE-2026-26980 is a SQL Injection vulnerability affecting Ghost, a popular Node.js content management system. The vulnerability exists in the Content API's slug filter ordering functionality, allowing unauthenticated attackers to perform arbitrary reads from the database. This flaw impacts versio