{"uuid": "eeaee8c4-0e29-40a1-a06d-7c8a13210190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://t.me/BleepingComputer/24746", "content": "\u200aGhost CMS SQL injection flaw exploited in large-scale ClickFix campaign\n\nA large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. [...]\n\nhttps://www.bleepingcomputer.com/news/security/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/", "creation_timestamp": "2026-05-24T14:58:38.000000Z"}