CVE-2026-29053

Ghost is a Node.js content management system. From version 0.7.2 to 6.19.0, specifically crafted malicious themes can execute arbitrary code on the server running Ghost. This issue has been patched in version 6.19.1.

CVSS v3 7.6 HIGH

7.6^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.0 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://github.com/TryGhost/Ghost/security/advisories/GHSA-cgc2-rcrh-qr5x	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ghost:ghost:*:*:*:*:*:node.js:*:*

History

No history.

Information

Published : 2026-03-05 06:16

Updated : 2026-03-09 18:40

NVD link : CVE-2026-29053

Mitre link : CVE-2026-29053

CVE.ORG link : CVE-2026-29053

JSON object : View

Products Affected

ghost

ghost

CWE

CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

{"id": "CVE-2026-29053", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.0}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2026-03-05T06:16:50.410", "references": [{"url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-cgc2-rcrh-qr5x", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-74"}]}], "descriptions": [{"lang": "en", "value": "Ghost is a Node.js content management system. From version 0.7.2 to 6.19.0, specifically crafted malicious themes can execute arbitrary code on the server running Ghost. This issue has been patched in version 6.19.1."}, {"lang": "es", "value": "Ghost es un sistema de gesti\u00f3n de contenido Node.js. Desde la versi\u00f3n 0.7.2 hasta la 6.19.0, temas maliciosos espec\u00edficamente dise\u00f1ados pueden ejecutar c\u00f3digo arbitrario en el servidor que ejecuta Ghost. Este problema ha sido parcheado en la versi\u00f3n 6.19.1."}], "lastModified": "2026-03-09T18:40:22.160", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ghost:ghost:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "624FEA3A-AF23-44E2-B6BF-26785A03B807", "versionEndExcluding": "6.19.1", "versionStartIncluding": "0.7.2"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}