
CVE-2026-45618: Your Template Engine Runs Arbitrary Code. CVSS 10.

LiquidJS, a templating library with 7 million monthly downloads, lets attackers run any code on your server through a crafted template string. No login required. Public exploit available.

Darius J Davis · June 4, 2026

#Someone can type a string into your website and own your server.

That's not an exaggeration. CVE-2026-45618. CVSS 10.0. A perfect score. A server-side template injection vulnerability in LiquidJS -- a JavaScript templating library with over 7 million monthly downloads -- that lets an unauthenticated attacker execute arbitrary code on your server by submitting a specially crafted template expression.

No login. No password. No privilege escalation chain. Just a string in a text field.

#What is LiquidJS and why should you care?

LiquidJS is a Node.js implementation of the Liquid template language. If that means nothing to you, here's the plain version: it's the thing that takes your data and turns it into the HTML pages your customers see.

Template engines are everywhere. Your e-commerce store uses one to render product pages. Your email marketing platform uses one to personalize messages. Your CMS uses one to build pages from content blocks. Shopify's entire theme system is built on Liquid. LiquidJS is the open-source version that anyone running a Node.js application can plug in.

If your website was built with Node.js in the last five years, there's a real chance LiquidJS is somewhere in the dependency tree -- possibly as a direct dependency, possibly pulled in by a CMS, a static site generator, or an email templating library you didn't even pick yourself.

#How the exploit works.

The vulnerability is a classic server-side template injection (SSTI), but the execution is elegant and brutal.

An attacker submits a crafted Liquid template expression -- something like abusing a built-in filter (1 | valueOf) -- that reaches into JavaScript's internal execution context. From there, they walk through internal object references until they find the Function constructor. Once they have that, they can construct and execute any JavaScript they want.

In non-technical terms: the attacker sends a specially formatted string to your application. Your application tries to render it as a template. During rendering, the string tricks the template engine into giving the attacker access to the underlying programming language. Now they can run any command they want on your server.

Read environment variables. Access your database. Steal API keys. Install a backdoor. Pivot to other systems on your network. All from a single HTTP request, with no authentication.

A public proof-of-concept exploit is already available. The barrier to exploitation is extremely low.

#"We don't use LiquidJS."

Maybe. But do you know what your dependencies depend on? The npm ecosystem is a web of transitive dependencies. Your application might pull in LiquidJS through a CMS plugin, a static site generator, an email template library, or a headless commerce integration.

This is the same pattern we've seen over and over. vm2 was deprecated but still had massive install counts because projects didn't know they depended on it. The node-ipc backdoor spread through transitive dependencies. Supply chain risk isn't about the libraries you chose. It's about the libraries your libraries chose.

#Why this matters for your business.

If your application renders any user-controlled input through LiquidJS -- a custom email template, a CMS page, a personalized notification, a marketing landing page builder -- an attacker can take over the server. Full stop.

What does that look like in practice?

  • Customer data exfiltration. Your database credentials are in environment variables on that server. The attacker reads them, connects to your database, and downloads everything.
  • Payment processing compromise. If your server handles payments, the attacker has access to your payment gateway credentials and transaction data.
  • Lateral movement. The compromised server can reach other internal systems -- databases, admin panels, other services. One compromised application becomes a compromised network.
  • Ransomware staging. Attackers with arbitrary code execution on your server can deploy ransomware across anything that server can reach. That's how businesses close.

And unlike vulnerabilities that require authentication or complex exploit chains, this one works against any endpoint that renders user-supplied templates. No login. No social engineering. No phishing email. Just a web request.

#What to do.

  1. Check if LiquidJS is in your dependency tree. Run this in your project directory:

```shell
npm ls liquidjs
```

If it shows up anywhere -- direct dependency or nested under something else -- you're affected.

  2. Upgrade to LiquidJS 10.26.0 or later. This version patches the vulnerability. If LiquidJS is a direct dependency, update it. If it's a transitive dependency, check if the parent package has released an update that pulls in the fixed version.
  3. If you can't upgrade immediately, disable user-controlled template rendering. Any feature where users can write or edit templates -- custom email templates, page builders, dynamic content blocks -- needs to be locked down or taken offline until you can patch. This is not optional for a CVSS 10.0.
  4. Audit every endpoint that accepts template input. If your application takes user input and feeds it into a Liquid template for rendering, that endpoint is a direct attack vector. Catalog them. Restrict them. Add input validation that rejects template syntax characters.
  5. If you had a developer build your site and walked away, call them. Or call us. You need someone to check your dependency tree, apply the patch, and verify your application isn't rendering user-controlled templates in unsafe ways. Vibe-coded applications are especially at risk here because AI-generated code rarely considers template injection as a threat model.
  6. Check your logs for exploitation attempts. Look for unusual template syntax in form submissions, URL parameters, and API request bodies. Strings containing valueOf, constructor, or Function in template contexts are red flags.
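The input check from the audit step and the log review from the last step can share one classifier. The following is an added example, not code from this post or from LiquidJS: it flags Liquid tag syntax in user-controlled fields and escalates when a tag references the JavaScript internals the post names (valueOf, constructor, Function). The `path=... field=...` log format and all sample lines are constructed for the example, and percent-encoded input is decoded first so an encoded `{{` is not missed.

```javascript
// Added example (not from the original post or LiquidJS): classify user-controlled
// values and scan constructed request log lines for the indicators the post lists.

const LIQUID_TAG = /\{\{[\s\S]*?\}\}|\{%[\s\S]*?%\}/g;      // {{ ... }} or {% ... %}
const JS_INTERNALS = /\b(valueOf|constructor|Function)\b/;  // names called out in the post

// Percent-decode so "%7B%7B" is seen as "{{"; keep the raw value if decoding fails.
function normalize(value) {
  try { return decodeURIComponent(value); } catch { return value; }
}

// 'clean'    : no template syntax at all (safe to accept for a plain-text field)
// 'review'   : template syntax present; acceptable only on endpoints meant for templates
// 'critical' : a template tag reaches for JavaScript internals; reject and alert
function classifyInput(value) {
  const text = normalize(String(value));
  const tags = text.match(LIQUID_TAG) || [];
  if (tags.length === 0) return { level: 'clean', tag: null };
  const hit = tags.find((t) => JS_INTERNALS.test(t));
  if (hit) return { level: 'critical', tag: hit };
  return { level: 'review', tag: tags[0] };
}

// Scan log lines of the constructed form "path=<path> field=<value>" and return
// only the lines that need attention, most severe first.
function scanLog(lines) {
  const findings = [];
  for (const line of lines) {
    const m = /^path=(\S+) field=(.*)$/.exec(line);
    if (!m) continue;
    const result = classifyInput(m[2]);
    if (result.level !== 'clean') findings.push({ path: m[1], ...result });
  }
  const rank = { critical: 0, review: 1 };
  return findings.sort((a, b) => rank[a.level] - rank[b.level]);
}

// Constructed sample lines, not real traffic.
const SAMPLE_LOG = [
  'path=/contact field=Hello, please call me back',
  'path=/email-template field=Hi {{ customer.name }}, your order shipped',
  'path=/page-builder field={{ 1 | valueOf }}',
  'path=/api/notify field=%7B%7B%20x.constructor%20%7D%7D',
];

console.log(JSON.stringify(scanLog(SAMPLE_LOG), null, 2));
```

A 'review' hit on an endpoint that never intentionally renders templates deserves the same follow-up as a 'critical' one; the split only orders the queue.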

#This is a supply chain problem.

Seven million monthly downloads. One vulnerable function. Every application that renders attacker-influenced templates through LiquidJS has been exploitable, potentially for an unknown period before the CVE was assigned.

This is the same story we keep telling. A security scanner gets backdoored. A sandbox library turns out to be escapable. A 13-year-old bug in Redis gets a perfect CVSS score. The software your business runs on is built from hundreds of open-source libraries maintained by people you've never met, and any one of them can become the door an attacker walks through.

You don't need to become a security researcher. You need someone who tracks this stuff so you don't have to.
