Lucene search
K

4 matches found

NVD
NVD
added 2026/04/08 8:16 p.m.4 views

CVE-2026-35525

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for % include %, % render %, and % layout %, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is path-based, not...

8.2CVSS0.00396EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/08 7:30 p.m.3 views

CVE-2026-35525 LiquidJS has a root restriction bypass for partial and layout loading through symlinked templates

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for % include %, % render %, and % layout %, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is path-based, not...

8.2CVSS5.9AI score0.00396EPSS
Exploits1References3
CVE
CVE
added 2026/04/08 7:30 p.m.19 views

CVE-2026-35525

CVE-2026-35525 affects LiquidJS and involves a root restriction bypass for partial and layout loading via symlinked templates. The issue arises because the code checks the candidate path against allowed partials/layouts directories using a path-based check, not the canonical real filesystem path....

8.2CVSS5.9AI score0.00396EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/04/08 7:30 p.m.3 views

CVE-2026-35525 LiquidJS has a root restriction bypass for partial and layout loading through symlinked templates

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for % include %, % render %, and % layout %, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is path-based, not...

8.2CVSS5.9AI score0.00396EPSS
Exploits1References5
Rows per page
Query Builder