CVE-2026-29053

Name of the Vulnerable Software and Affected Versions Ghost versions 0.7.2 through 6.19.0

Description Ghost, a Node.js content management system, is affected by a code execution issue. Maliciously crafted themes can execute arbitrary code on the server. It is recommended to avoid installing untrusted themes. If a malicious theme has already been installed, uninstall it and inspect it to understand its impact.

Recommendations Update to version 6.19.1 or later. Uninstall any malicious themes. Inspect installed themes for potential impact.