Platform: nodejs
Component: ghost
Fixed in: 6.0.1, 5.38.1, 5.130.7, 6.11.1, 6.11.0
CVE-2026-22597 is a Server-Side Request Forgery (SSRF) vulnerability in the media inliner of Ghost CMS, the component that fetches remote media on the server's behalf. An authenticated staff user holding a valid Ghost Admin API token can point those server-side fetches at hosts of their choosing and so exfiltrate data from systems that are reachable from the Ghost server but not from the user. Affected versions are 5.38.0 through 5.130.5 and 6.0.0 through 6.10.3; the fix ships in 5.130.6 on the 5.x branch and 6.11.0 on the 6.x branch.
Because the request originates from the Ghost server, an attacker with a staff token can reach resources that are never exposed to the outside world: internal web servers and APIs, and other services on the same network segment (cloud instance-metadata endpoints are the classic SSRF target). Impact ranges from information disclosure to further compromise, depending on what those internal resources return, credentials or tokens being the worst case. The CVSS severity is LOW, but an authenticated primitive that bypasses network segmentation deserves attention in environments with a flat or complex internal network.
The vulnerability was discovered and responsibly disclosed by Sho Odagiri of GMO Cybersecurity by Ierae, Inc. and was published on 2026-01-08. It is not on the CISA KEV list, its EPSS score is 0.06% (18th percentile), and no public proof-of-concept exploit is known. Those signals point to a low likelihood of exploitation in the wild, but the only precondition is a staff account with an Admin API token and the payoff is data from the internal network, so remediate promptly.
Organizations running Ghost CMS are at risk wherever staff users hold Ghost Admin API access. Risk is highest where the Ghost server sits inside a network that also hosts sensitive internal services, since the SSRF turns the Ghost host into a pivot past network segmentation.
• nodejs / server: search the Ghost service log for calls to the media inliner. Ghost does not log the word "ssrf", so grep for the inliner itself rather than for the vulnerability name, and confirm the exact Admin API path against your Ghost version:
journalctl -u ghost | grep -i "inline"
• nodejs / server: the inliner runs inside the Ghost process, so a process listing will not show a separate "inliner" process; use it only to confirm which Ghost instance and Node binary are running (the bracket trick keeps grep from matching itself):
ps aux | grep -i "[g]host"
• generic web: from the Ghost host itself, and only against systems you own, use curl to establish which internal endpoints the server can reach. This scopes what an SSRF from this host could expose; an unexpected successful response means egress from the Ghost host needs tightening:
curl -v http://<internal_ip>/<sensitive_endpoint>
Disclosure
Exploit status
EPSS: 0.06% (18th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-22597 is to upgrade to a fixed release: 5.130.6 or later on the 5.x branch, or 6.11.0 or later on 6.x. If you cannot upgrade immediately: restrict outbound network access from the Ghost server (host firewall or egress rules) to the external hosts it genuinely needs, so a forged request has nowhere internal to go; limit which staff users hold Admin API access and audit their tokens regularly; and monitor Ghost's logs for outbound fetches to private, loopback or link-local addresses, which are the signature of an exploitation attempt. A WAF in front of Ghost is unlikely to help unless it carries rules written specifically for SSRF payloads against the media inliner, because the attacker-supplied URL arrives inside an authenticated request that otherwise looks legitimate.
Upgrade Ghost to version 5.130.6 or later, or to version 6.11.0 or later; this corrects the SSRF vulnerability in the media inliner mechanism. Self-hosted installs update from the command line with Ghost-CLI (`ghost update`); Ghost(Pro) instances are updated by the hosting service.
CVE-2026-22597 is a Server-Side Request Forgery vulnerability in Ghost CMS versions 5.38.0 - 5.130.5 and 6.0.0 - 6.10.3, allowing authenticated staff users to exfiltrate data.
You are affected if you are running Ghost CMS versions 5.38.0 - 5.130.5 or 6.0.0 - 6.10.3 and have staff users with access to the Ghost Admin API.
Upgrade Ghost CMS to 5.130.6 or later (5.x branch) or 6.11.0 or later (6.x branch) to resolve the SSRF vulnerability.
There are currently no reports of active exploitation, but the potential for data exfiltration warrants prompt remediation.
Refer to the Ghost CMS security advisory for detailed information and updates: [https://ghost.org/security/advisories/CVE-2026-22597](https://ghost.org/security/advisories/CVE-2026-22597)