CVE-2026-35525
Received - Intake
Symlink Path Traversal in LiquidJS Template Engine Prior to

Publication date: 2026-04-08

Last updated on: 2026-04-10

Assigner: GitHub, Inc.

Description
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for {% include %}, {% render %}, and {% layout %}, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is path-based, not realpath-based. Because of that, a file like partials/link.liquid passes the directory containment check as long as its pathname is under the allowed root. If link.liquid is actually a symlink to a file outside the allowed root, the filesystem follows the symlink when the file is opened and LiquidJS renders the external target. So the restriction is applied to the path string that was requested, not to the file that is actually read. This matters in environments where an attacker can place templates or otherwise influence files under a trusted template root, including uploaded themes, extracted archives, mounted content, or repository-controlled template trees. This vulnerability is fixed in 10.25.3.
Meta Information
Published: 2026-04-08
Last Modified: 2026-04-10
Generated: 2026-05-07
AI Q&A: 2026-04-08
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor: liquidjs
Product: liquidjs
Version / Range: to 10.25.3 (exc)
CWE ID: CWE-61
Description: The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-35525 is a vulnerability in LiquidJS, a JavaScript template engine, where the software performs directory containment checks based on the pathname string rather than the actual resolved filesystem path (realpath). This means that if a symbolic link (symlink) is placed inside an allowed template directory pointing to a file outside that directory, LiquidJS will incorrectly allow access to and render the external file.

The issue arises because LiquidJS checks whether a file path is inside configured partials or layouts roots by examining the path string alone, without resolving symlinks. As a result, an attacker who can place or influence symlinks inside trusted template directories can cause LiquidJS to read and render files outside the intended safe directories.

This vulnerability affects the tags {% include %}, {% render %}, and {% layout %} in LiquidJS versions prior to 10.25.3 and is classified as a root restriction bypass via symlinked templates.


How can this vulnerability impact me?

This vulnerability allows attackers to read arbitrary files outside the designated template roots by exploiting symbolic link traversal. Because LiquidJS renders the contents of files pointed to by symlinks inside trusted directories, an attacker can gain unauthorized access to sensitive files on the filesystem.

The impact includes unauthorized information disclosure, which can expose secrets, configuration files, or other sensitive data that should not be accessible through the template engine.

The vulnerability requires no privileges or user interaction and can be exploited remotely with low complexity, making it a high-severity risk.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for the presence of symbolic links within the allowed partials or layouts directories that point to files outside these directories. Since the issue arises from LiquidJS following symlinks without verifying their real paths, identifying such symlinks is key.

You can use filesystem commands to find symlinks inside the template root directories and verify if they point outside the allowed roots.

  • On Unix-like systems, use the command: find /path/to/partials_or_layouts -type l -exec ls -l {} \;
  • Then, for each symlink found, check the real path it points to using: readlink -f /path/to/symlink

If any symlink points outside the allowed template root directories, it indicates a potential exploitation of this vulnerability.


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade LiquidJS to version 10.25.3 or later, where the vulnerability is fixed by performing realpath-based checks to prevent symlink traversal.

Until the upgrade is applied, you should audit and remove any symbolic links inside the partials or layouts directories that point outside the allowed roots to prevent unauthorized file access.

Additionally, restrict the ability of untrusted users or processes to create or modify files, including symlinks, within the trusted template directories.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability allows attackers to read arbitrary files outside the designated template roots by exploiting symbolic link traversal, leading to unauthorized information disclosure.

Such unauthorized disclosure of sensitive or personal data could lead to non-compliance with data protection regulations and standards like GDPR or HIPAA, which mandate strict controls on access to protected information.

Therefore, if exploited, this vulnerability could result in violations of confidentiality requirements under these regulations, potentially causing legal and financial repercussions for affected organizations.

