CVE-2026-22594 | TryGhost up to 5.130.5/6.10.x 2FA improper authentication (GHSA-5fp7-g646-ccf4)

A vulnerability, which was classified as critical, has been found in TryGhost Ghost up to 5.130.5/6.10.x. Impacted is an unknown function of the component 2FA. This manipulation causes improper authentication.

This vulnerability is handled as CVE-2026-22594. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More