Ghost CMS CVE-2026-26980 Mass Attack Hijacks 700+ Sites for ClickFix Malware Campaigns
Source: Rescana
Published:
<p>A critical vulnerability, CVE-2026-26980 , has been actively exploited in the wild, targeting the Ghost CMS platform. This unauthenticated blind SQL injection flaw in the Ghost CMS Content API (versions 3.24.0 through 6.19.0) has enabled threat actors to compromise over 700 websites globally. Att