CVE ID :CVE-2026-41311 Published : May 9, 2026, 4:16 a.m. | 1 hour, 28 minutes ago Description :LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.7, a circular block reference in {% layout %} / {% block %} causes an infinite recursive loop, consuming all available memory (~4GB) and crashing the Node.js process with FATAL ERROR: JavaScript heap out of memory. This allows any user who can submit a Liquid template to perform a Denial of Service attack. This issue has been patched in version 10.25.7. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...