CVE-2026-22596 | TryGhost up to 5.130.5/6.10.x Admin API sql injection (GHSA-gjrp-xgmh-x9qq)

A vulnerability has been found in TryGhost Ghost up to 5.130.5/6.10.x and classified as critical. The impacted element is an unknown function of the component Admin API. Performing a manipulation results in sql injection.

This vulnerability was named CVE-2026-22596. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More