Skip to main content
RuntimeRebel
← All Articles

Tag

#CVE-2025-26980

1 article

Advertisement

VU
CRITICAL
Vulnerabilities

CVE-2025-26980: Ghost CMS SQL Injection Exploited in ClickFix Campaign

A critical SQL injection vulnerability in Ghost CMS (CVE-2025-26980) is being exploited to deliver ClickFix malware through malicious JavaScript injections.

Runtime Rebel Intel
3 min read·May 24, 2026