Lucene search
K

1800 matches found

CVE
CVE
added 2026/06/24 6:6 p.m.8 views

CVE-2026-53948

CVE-2026-53948 affects Ghost CMS (Node.js) due to insufficient validation of the client-supplied Content-Type on the Admin API file upload endpoint. Between 6.19.4 and 6.21.1, uploaded files could be served with an attacker-chosen content type on S3/GCS storage backends, and in installations serv...

5.4CVSS5.6AI score0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 6:6 p.m.30 views

CVE-2026-53948 Ghost: File Upload Content-Type Spoofing

Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, insufficient validation of the client-supplied Content-Type on Ghost's Admin API file upload endpoint allowed uploaded files to be served from the site with an attacker-chosen content type on S3/GCS storage backends. On...

5.4CVSS0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 6:5 p.m.29 views

CVE-2026-53949 Ghost Content API filter bypass reveals private fields

Ghost is a Node.js content management system. From 5.46.1 until 6.21.2, the validation applied to filters on the public API endpoints could be partially bypassed, making it possible to reveal private fields via a brute force attack. If SQLite was used as the database password hashes were fully...

5.3CVSS0.00214EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 6:5 p.m.15 views

CVE-2026-53949

Summary (CVE-2026-53949) Ghost CMS (Node.js). Affected versions: 5.46.1–6.21.2. Description: validation on filters for public API endpoints could be partially bypassed, enabling disclosure of private fields via brute-force. Impact depends on database: with SQLite, password hashes were fully acces...

5.3CVSS5.8AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 6:4 p.m.31 views

CVE-2026-53950 @tryghost/activitypub: XSS in Ghost's ActivityPub client

@tryghost/activitypub is Ghost’s social/federation client app. Prior to 3.1.0, the ActivityPub client in Ghost was vulnerable to JavaScript injection on posts shared by a maliciously customised ActivityPub server. This vulnerability is fixed in 3.1.0...

7.5CVSS0.00204EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 6:4 p.m.11 views

CVE-2026-53950

CVE-2026-53950 affects @tryghost/activitypub (Ghost’s ActivityPub client). Before 3.1.0, the ActivityPub client was susceptible to JavaScript injection on posts shared from a maliciously customized ActivityPub server. The issue is fixed in 3.1.0. The associated metrics indicate a high-severity im...

7.5CVSS5.9AI score0.00204EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-52068

Name of the Vulnerable Software and Affected Versions Ghost versions 6.0.9 through 6.21.0 Description Ghost is a Node.js content management system. An issue exists where the IP filter designed to prevent external requests from reaching internal services can be bypassed. This is achieved by using ...

5.8CVSS5.8AI score0.00197EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52074

Name of the Vulnerable Software and Affected Versions @tryghost/activitypub versions prior to 3.1.0 Description The ActivityPub client in Ghost is susceptible to JavaScript injection. This occurs when the client processes posts shared by a maliciously customized ActivityPub server, allowing the...

7.5CVSS6.1AI score0.00204EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-52072

Name of the Vulnerable Software and Affected Versions Ghost versions 6.19.4 through 6.21.0 Description Insufficient validation of the client-supplied Content-Type on the Admin API file upload endpoint allows uploaded files to be served with an attacker-chosen content type when using S3 or GCS...

5.4CVSS5.5AI score0.00133EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-52069

Name of the Vulnerable Software and Affected Versions Ghost versions 6.0.9 through 6.21.0 Description Ghost is a Node.js content management system. A flaw in the private-IP check for outbound HTTP requests allows a bypass via DNS rebinding. DNS rebinding is a technique that tricks a browser or...

4CVSS5.8AI score0.0014EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.6 views

PT-2026-52073

Name of the Vulnerable Software and Affected Versions Ghost versions 5.46.1 through 6.21.1 Description Validation applied to filters on public API endpoints could be partially bypassed, allowing the disclosure of private fields through a brute force attack. The impact varies by database: when usi...

5.3CVSS5.8AI score0.00214EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52070

Name of the Vulnerable Software and Affected Versions Ghost versions 6.19.4 through 6.21.0 Description Ghost, a Node.js content management system, fails to restrict outbound HTTP requests when refetching missing image dimensions during post re-rendering. An authenticated staff user with permissio...

5.4CVSS5.8AI score0.00122EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52071

Name of the Vulnerable Software and Affected Versions Ghost versions 5.18.0 through 6.21.0 Description A discrepancy in responses from the members signin endpoints allows an unauthenticated attacker to determine if a specific email address is registered as a member of the site. Recommendations...

5.3CVSS5.8AI score0.00206EPSS
Exploits0References6
NVD
NVD
added 2026/06/23 6:18 p.m.14 views

CVE-2026-50221

In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers X-Container-Host, X-Container-Device, X-Delete-At-Host, X-Delete-At-Device from client requests before forwarding them to object-servers. An authenticated user with write access can inject these headers to...

5.4CVSS0.00146EPSS
Exploits1References4
EUVD
EUVD
added 2026/06/23 5:3 p.m.6 views

EUVD-2026-38537

In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers X-Container-Host, X-Container-Device, X-Delete-At-Host, X-Delete-At-Device from client requests before forwarding them to object-servers. An authenticated user with write access can inject these headers to...

5.3CVSS6AI score0.00146EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/23 5:3 p.m.35 views

CVE-2026-50221

In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers X-Container-Host, X-Container-Device, X-Delete-At-Host, X-Delete-At-Device from client requests before forwarding them to object-servers. An authenticated user with write access can inject these headers to...

5.3CVSS0.00146EPSS
Exploits1References3
CVE
CVE
added 2026/06/23 5:3 p.m.29 views

CVE-2026-50221

CVE-2026-50221 affects OpenStack Swift prior to 2.37.2, where proxy-server fails to strip internal update headers (X-Container-Host, X-Container-Device, X-Delete-At-Host, X-Delete-At-Device) from client requests before forwarding to object-servers. An authenticated user with write access can inje...

5.4CVSS6AI score0.00146EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2026/06/23 5:3 p.m.7 views

CVE-2026-50221

In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers X-Container-Host, X-Container-Device, X-Delete-At-Host, X-Delete-At-Device from client requests before forwarding them to object-servers. An authenticated user with write access can inject these headers to...

5.4CVSS6AI score0.00146EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.14 views

PT-2026-51572

Name of the Vulnerable Software and Affected Versions OpenStack Swift versions prior to 2.37.2 Description The proxy-server fails to strip internal update headers from client requests before forwarding them to object-servers. An authenticated user with write access can inject the headers...

5.4CVSS6AI score0.00146EPSS
Exploits1References8
OSV
OSV
added 2026/06/18 2:32 p.m.3 views

SUSE-SU-2026:22213-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: "Ghost domain name" variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.5AI score0.01272EPSS
Exploits0References23
Rows per page
Query Builder