A simple, expressive, extensible Liquid template engine for JavaScript — Shopify, Jekyll and GitHub Pages compatible, for Node.js, browsers, and the CLI, with TypeScript support.
100%
Total Score
100
97
100
100
100
| Title | Versions | Severity |
|---|---|---|
AIKIDO-2026-127306 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. liquidjs is vulnerable to Allocation of Resources Without Limits or Throttling in versions 10.11.0 - 10.27.0. | 10.11.0 - 10.27.0 | Medium |
CVE-2026-45357 liquidjs is vulnerable to Uncontrolled Resource Consumption in versions 0.0.0 - 10.25.7. | 0.0.0 - 10.25.7 | High |
CVE-2026-44646 liquidjs is vulnerable to Protection Mechanism Failure in versions 0.0.0 - 10.25.7. | 0.0.0 - 10.25.7 | Medium |
CVE-2026-44645 liquidjs is vulnerable to Uncontrolled Resource Consumption in versions 0.0.0 - 10.25.7. | 0.0.0 - 10.25.7 | Medium |
CVE-2026-44644 liquidjs is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 0.0.0 - 10.25.7. | 0.0.0 - 10.25.7 | Medium |
| Dependency | Last Release | Score |
|---|---|---|
commander Version ^10.0.0 | — | — |
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant