{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33287", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-18T18:55:47.426Z", "datePublished": "2026-03-26T00:33:20.024Z", "dateUpdated": "2026-03-26T15:02:26.164Z"}, "containers": {"cna": {"title": "LiquidJS has Exponential Memory Amplification through its replace_first Filter $& Pattern", "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "lang": "en", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-400", "lang": "en", "description": "CWE-400: Uncontrolled Resource Consumption", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/harttle/liquidjs/security/advisories/GHSA-6q5m-63h6-5x4v", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/harttle/liquidjs/security/advisories/GHSA-6q5m-63h6-5x4v"}, {"name": "https://github.com/harttle/liquidjs/commit/35d523026345d80458df24c72e653db78b5d061d", "tags": ["x_refsource_MISC"], "url": "https://github.com/harttle/liquidjs/commit/35d523026345d80458df24c72e653db78b5d061d"}], "affected": [{"vendor": "harttle", "product": "liquidjs", "versions": [{"version": "< 10.25.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T00:33:20.024Z"}, "descriptions": [{"lang": "en", "value": "LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, the `replace_first` filter in LiquidJS uses JavaScript's `String.prototype.replace()` which interprets `$&` as a back reference to the matched substring. The filter only charges `memoryLimit` for the input string length, not the amplified output. An attacker can achieve exponential memory amplification (up to 625,000:1) while staying within the `memoryLimit` budget, leading to denial of service. Version 10.25.1 patches the issue."}], "source": {"advisory": "GHSA-6q5m-63h6-5x4v", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/harttle/liquidjs/security/advisories/GHSA-6q5m-63h6-5x4v", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T14:13:05.937301Z", "id": "CVE-2026-33287", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T15:02:26.164Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33287", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T14:13:05.937301Z"}}}], "references": [{"url": "https://github.com/harttle/liquidjs/security/advisories/GHSA-6q5m-63h6-5x4v", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T14:18:41.797Z"}}], "cna": {"title": "LiquidJS has Exponential Memory Amplification through its replace_first Filter $& Pattern", "source": {"advisory": "GHSA-6q5m-63h6-5x4v", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "harttle", "product": "liquidjs", "versions": [{"status": "affected", "version": "< 10.25.1"}]}], "references": [{"url": "https://github.com/harttle/liquidjs/security/advisories/GHSA-6q5m-63h6-5x4v", "name": "https://github.com/harttle/liquidjs/security/advisories/GHSA-6q5m-63h6-5x4v", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/harttle/liquidjs/commit/35d523026345d80458df24c72e653db78b5d061d", "name": "https://github.com/harttle/liquidjs/commit/35d523026345d80458df24c72e653db78b5d061d", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, the `replace_first` filter in LiquidJS uses JavaScript's `String.prototype.replace()` which interprets `$&` as a back reference to the matched substring. The filter only charges `memoryLimit` for the input string length, not the amplified output. An attacker can achieve exponential memory amplification (up to 625,000:1) while staying within the `memoryLimit` budget, leading to denial of service. Version 10.25.1 patches the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T00:33:20.024Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33287", "state": "PUBLISHED", "dateUpdated": "2026-03-26T15:02:26.164Z", "dateReserved": "2026-03-18T18:55:47.426Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-26T00:33:20.024Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:liquidjs:liquidjs:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "7E49E8C9-5FB9-40CA-BE2C-AC2B6553F472", "versionEndExcluding": "10.25.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, the `replace_first` filter in LiquidJS uses JavaScript's `String.prototype.replace()` which interprets `$&` as a back reference to the matched substring. The filter only charges `memoryLimit` for the input string length, not the amplified output. An attacker can achieve exponential memory amplification (up to 625,000:1) while staying within the `memoryLimit` budget, leading to denial of service. Version 10.25.1 patches the issue."}, {"lang": "es", "value": "LiquidJS es un motor de plantillas compatible con Shopify / GitHub Pages en JavaScript puro. Antes de la versi\u00f3n 10.25.1, el filtro 'replace_first' en LiquidJS utiliza 'String.prototype.replace()' de JavaScript, que interpreta '$&amp;' como una retroreferencia a la subcadena coincidente. El filtro solo carga 'memoryLimit' por la longitud de la cadena de entrada, no por la salida amplificada. Un atacante puede lograr una amplificaci\u00f3n exponencial de la memoria (hasta 625.000:1) mientras se mantiene dentro del presupuesto de 'memoryLimit', lo que lleva a una denegaci\u00f3n de servicio. La versi\u00f3n 10.25.1 corrige el problema."}], "id": "CVE-2026-33287", "lastModified": "2026-03-30T16:46:03.917", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-26T01:16:27.530", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/harttle/liquidjs/commit/35d523026345d80458df24c72e653db78b5d061d"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/harttle/liquidjs/security/advisories/GHSA-6q5m-63h6-5x4v"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/harttle/liquidjs/security/advisories/GHSA-6q5m-63h6-5x4v"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-400"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,10.25.1)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "liquidjs", "source": "cna", "vendor": "harttle"}, "product": "liquidjs", "vendor": "harttle"}], "analysis": {"en": {"generated_at": "2026-03-30T18:29:51.071410+00:00", "value": {"mitigation_remediation": ["Apply the latest LiquidJS patch (v10.25.1 or newer).", "Verify that any deployed templates are not using the replace_first filter with untrusted data."], "summary": {"action": "Immediate Patch", "impact": "Denial of Service via exponential memory amplification"}, "threat_synthesis": {"affected_systems": "LiquidJS, a template engine used with Node.js and in Shopify/GitHub Pages environments, is affected in all releases prior to 10.25.1. The product is maintained by Harttle and is commonly integrated into web applications that process user\u2011controlled templates.", "description_and_impact": "The replace_first filter in LiquidJS misinterprets the $& pattern as a reference to the matched substring, creating an output substantially larger than the input. An attacker can exploit this behavior to trigger a memory amplification ratio of up to 625,000:1 while keeping the input within the configured memory limit, causing the application to exhaust available memory and become unresponsive. This defect aligns with input validation and resource exhaustion weaknesses.", "risk_and_exploitability": "The vulnerability scores 7.5 on CVSS, indicating high severity, and has an EPSS score below 1%, reflecting a low current exploitation probability. It is not listed in CISA\u2019s KEV catalog. The attack vector is likely remote via malicious template input, and successful exploitation results in denial of service for all users of the affected application."}}}}, "created": "2026-03-26T11:30:53.946049+00:00", "updated": "2026-03-30T20:57:44.744950+00:00", "vendors": ["harttle", "harttle$PRODUCT$liquidjs"]}