{"uuid": "c015cd4f-b0db-44c5-a19e-9afd2350a8dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26980", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mmo5ejm4s22g", "content": "Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign\n\nA large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. [...]\n#hackernews #news", "creation_timestamp": "2026-05-25T09:16:24.542073Z"}