A real-world walkthrough of investigating and securing two self-hosted Ghost CMS instances after the CVE-2026-26980 disclosure — including version auditing, service debugging, patching, integrity checks, credential hardening, and backup validation.