Package impact
NPM / liquidjs
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45618 | critical | — | 9.5 | 8d ago | LiquidJS is Vulnerable to Remote Code Execution | |||
| CVE-2026-45617 | high | — | 8.0 | 8d ago | LiquidJS Vulnerable to ReDoS via Quadratic Backtracking in `strip_html` Filter Regex | |||
| CVE-2026-45357 | high | — | 8.0 | 8d ago | LiquidJS has a memory and render limit bypass via unbounded width padding in `date` filter (strftime) |