| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39859 | LiquidJS has a renderFile() / parseFile() bypass configured root and allow arbitrary file read | harttle | liquidjs | - | - | 2026-04-08 19:45:22 | Deep Dive |
| CVE-2026-39412 | LiquidJS has an ownPropertyOnly bypass via sort_natural filter — prototype property information disclosure through sorting side-channel | harttle | liquidjs | Medium | 5.3 | 2026-04-08 19:39:18 | Deep Dive |
| CVE-2026-34166 | LiquidJS has a Memory Limit Bypass via Quadratic Amplification in `replace` Filter | harttle | liquidjs | Low | 3.7 | 2026-04-08 17:52:06 | Deep Dive |
| CVE-2026-33285 | LiquidJS: memoryLimit Bypass through Negative Range Values Leads to Process Crash | harttle | liquidjs | High | 7.5 | 2026-03-26 00:34:25 | Deep Dive |
| CVE-2026-33287 | LiquidJS has Exponential Memory Amplification through its replace_first Filter $& Pattern | harttle | liquidjs | High | 7.5 | 2026-03-26 00:33:20 | Deep Dive |
| CVE-2026-30952 | liquidjs has a path traversal fallback vulnerability | harttle | liquidjs | - | - | 2026-03-10 20:25:20 | Deep Dive |
| CVE-2022-25948 | Information Exposure | - | liquidjs | Medium | 5.3 | 2022-12-23 23:03:51 | Deep Dive |