CVE-2026-22595 | TryGhost up to 5.130.5/6.10.x Staff Token authorization (GHSA-9xg7-mwmp-xmjx)

A vulnerability, which was classified as problematic, was found in TryGhost Ghost up to 5.130.5/6.10.x. The affected element is an unknown function of the component Staff Token Handler. Such manipulation leads to incorrect authorization.

This vulnerability is uniquely identified as CVE-2026-22595. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More