CVE-2026-22597 | TryGhost up to 5.130.5/6.10.x Admin API server-side request forgery (GHSA-vmc4-9828-r48r)

A vulnerability was found in TryGhost Ghost up to 5.130.5/6.10.x and classified as critical. This affects an unknown function of the component Admin API. Executing a manipulation can lead to server-side request forgery.

The identification of this vulnerability is CVE-2026-22597. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More