CVE-2026-22597 is a Server-Side Request Forgery (SSRF) vulnerability identified in the TryGhost Ghost content management system, specifically within its media inliner feature. This vulnerability affects Ghost versions from 5.38.0 up to 5.130.5 and 6.0.0 up to 6.10.3. The media inliner mechanism, which processes media content for embedding or inlining, fails to properly validate or restrict URLs that staff users can request via the Ghost Admin API. As a result, an attacker with a valid authentication token and staff-level privileges can craft requests that cause the server to make arbitrary HTTP requests to internal or external systems. This can lead to unauthorized data exfiltration from internal services that are otherwise inaccessible externally, potentially exposing sensitive information such as internal APIs, databases, or metadata services. The vulnerability does not require user interaction beyond possessing a valid token, but it does require elevated privileges, limiting exploitation to trusted users or compromised accounts. The issue has been addressed in Ghost versions 5.130.6 and 6.11.0 by implementing stricter validation and restrictions on the URLs that the media inliner can access. The CVSS 4.0 vector indicates network attack vector, low attack complexity, no privileges required beyond staff-level, no user interaction, and no impact on confidentiality, integrity, or availability beyond the SSRF scope, resulting in a medium severity score of 5.1. No public exploits or active exploitation campaigns have been reported to date.

For European organizations using affected versions of the Ghost CMS, this SSRF vulnerability poses a risk of internal data exposure and reconnaissance. Attackers with staff-level access could leverage this flaw to access internal services that are not directly exposed to the internet, such as internal APIs, cloud metadata endpoints, or backend databases. This could lead to leakage of sensitive configuration data, credentials, or other internal information that could facilitate further attacks or lateral movement within the network. The impact is particularly significant for organizations hosting Ghost CMS on cloud infrastructure or within segmented internal networks where SSRF can bypass network controls. While the vulnerability does not directly allow remote code execution or denial of service, the ability to exfiltrate internal data can compromise confidentiality and aid attackers in escalating privileges or pivoting to more critical assets. Given the requirement for valid staff credentials, the threat is heightened if credential theft or insider threats are present. The medium severity rating reflects the moderate risk, but the potential for sensitive internal data exposure warrants prompt remediation.

European organizations should immediately upgrade affected Ghost CMS instances to versions 5.130.6 or 6.11.0 or later, where the SSRF vulnerability has been patched. In addition to patching, organizations should implement strict access controls on the Ghost Admin API, ensuring that only trusted staff users have access and that authentication tokens are securely managed and rotated regularly. Network segmentation should be enforced to limit the Ghost server's ability to reach sensitive internal services, reducing the impact of potential SSRF exploitation. Monitoring and logging of API usage and unusual outbound requests from the Ghost server can help detect exploitation attempts. Employing web application firewalls (WAFs) with SSRF detection rules may provide additional protection. Finally, conduct regular security audits and penetration tests focusing on SSRF and API abuse scenarios to identify and remediate similar issues proactively.