Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost's Content API that could allow an unauthenticated attacker to read arbitrary data from the

The article reports active exploitation of CVE-2026-26980, a critical unauthenticated SQL injection flaw in Ghost CMS (CVSS 9.4) that allows attackers to read arbitrary database data, steal Admin API keys, and bulk-inject malicious JavaScript into pages, driving large-scale ClickFix/fake CAPTCHA malware campaigns across 700+ sites in sectors including AI/SaaS and fintech.[1][5] The vulnerability, fixed in Ghost 6.19.1, is still being abused against unpatched instances to hijack content and weaponize trusted sites as malware delivery platforms.[1][5] From a CyberSE.AI perspective, this highlights SaaS and CMS platforms as critical parts of the AI application supply chain: compromise of a CMS that hosts AI product blogs, documentation, or embedded agents can be used to deliver malicious scripts to users or operators and to poison content that downstream AI agents consume. Organizations should treat CMS platforms as high-trust supply-chain components, enforce rapid patching and key rotation, and incorporate Ghost and similar services into SBOM-driven dependency tracking and security monitoring to prevent content-layer compromise from cascading into AI workflows and user endpoints.