GHSA-GF2Q-C269-PQGC LiquidJS is Vulnerable to Remote Code Execution

Summary It is possible to execute arbitrary code with crafted templates Details 1|valueOf - this when evaluating the filter liquid %assign r=1|valueOf% r|inspect json...

Arbitrary Code Injection

Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to Arbitrary Code Injection via the filters and tags registries in Liquid. An attacker can trigger arbitrary inherited Object.prototype...

@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.1.0) +99 more potentially affected by CVE-2026-45617 via liquidjs (>=10.10.0 <=10.25.7)

liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =0.5.5, =0.8.0, =1.0.1, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.0.0, =1.0.0-beta.5 - @clairview/api =23.1.0 and more Source cves: CVE-2026-45617 Source advisory: OSV:GHSA-R7G9-XPMJ-5FCQ...

@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.1.0) +99 more potentially affected by CVE-2026-45357 via liquidjs (>=10.10.0 <=10.25.7)

liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =0.5.5, =0.8.0, =1.0.1, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.0.0, =1.0.0-beta.5 - @clairview/api =23.1.0 and more Source cves: CVE-2026-45357 Source advisory: OSV:GHSA-HH27-HF48-9F5Q...

@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.1.0) +99 more potentially affected by CVE-2026-44646 via liquidjs (>=10.10.0 <=10.25.7)

liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =0.5.5, =0.8.0, =1.0.1, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.0.0, =1.0.0-beta.5 - @clairview/api =23.1.0 and more Source cves: CVE-2026-44646 Source advisory: OSV:GHSA-9X9P-QF8F-MVJG...

@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.1.0) +99 more potentially affected by CVE-2026-44645 via liquidjs (>=10.10.0 <=10.25.7)

liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =0.5.5, =0.8.0, =1.0.1, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.0.0, =1.0.0-beta.5 - @clairview/api =23.1.0 and more Source cves: CVE-2026-44645 Source advisory: OSV:GHSA-8XX9-69P8-7JP3...

CVE-2026-41311

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.7, a circular block reference in % layout % / % block % causes an infinite recursive loop, consuming all available memory 4GB and crashing the Node.js process with FATAL ERROR: JavaScript he...

@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.1.0) +97 more potentially affected by CVE-2026-41311 via liquidjs (>=10.10.0 <=10.25.6)

liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =0.5.5, =0.8.0, =1.0.1, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.0.0-beta.1, =1.0.0-beta.4 - @clairview/api =23.1.0 and more Source cves: CVE-2026-41311 Source advisory: OSV:GHSA-4RC3-7J7W-M548...

Path Traversal

LiquidJS is vulnerable to Path Traversal. The vulnerability is due to the path-based check for partial and layout roots, where a symlink to a file outside the allowed root can be loaded if it is placed inside an allowed partials or layouts directory, and attackers can exploit this by placing...

CVE-2026-39859

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. A Liquid instance configured with an empty...

CVE-2026-39859

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. A Liquid instance configured with an empty...

EUVD-2026-20554

LiquidJS Has Memory Limit Bypass via Quadratic Amplification in replace Filter...

Allocation of Resources Without Limits or Throttling

Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the replace filter when the memoryLimit option is enabled. An attacker can...

CVE-2026-30952

liquidjs is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.0, the layout, render, and include tags allow arbitrary file access via absolute paths either as string literals or through Liquid variables, the latter require dynamicPartials: true, which is the...

CVE-2026-33285

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, LiquidJS's memoryLimit security mechanism can be completely bypassed by using reverse range expressions e.g., 100000000..1, allowing an attacker to allocate unlimited memory. Combined wit...

CVE-2026-33285 LiquidJS: memoryLimit Bypass through Negative Range Values Leads to Process Crash

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, LiquidJS's memoryLimit security mechanism can be completely bypassed by using reverse range expressions e.g., 100000000..1, allowing an attacker to allocate unlimited memory. Combined wit...

CVE-2026-33287 LiquidJS has Exponential Memory Amplification through its replace_first Filter $& Pattern

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, the replacefirst filter in LiquidJS uses JavaScript's String.prototype.replace which interprets $& as a back reference to the matched substring. The filter only charges memoryLimit for th...

Allocation of Resources Without Limits or Throttling

Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the replacefirst function. An attacker can exhaust system memory and disru...

@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.0.24) +60 more potentially affected by CVE-2026-33287 via liquidjs (>=10.10.0 <=10.24.0)

liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =1.0.1-beta.0, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.1.0, =15.0.0, =34.0.0 - @fahami/directus-pkce =1.0.0 and more Source cves: CVE-2026-33287 Source advisory: OSV:GHSA-6Q5M-63H6-5X4V...

GHSA-6Q5M-63H6-5X4V LiquidJS has Exponential Memory Amplification through its replace_first Filter $& Pattern

Summary The replacefirst filter in LiquidJS uses JavaScript's String.prototype.replace which interprets $& as a backreference to the matched substring. The filter only charges memoryLimit for the input string length, not the amplified output. An attacker can achieve exponential memory amplificati...