Impact
LiquidJS, a pure-JavaScript implementation of the Liquid template language used in Node.js projects, does not enforce its configured root directory when a template file is loaded at the top level with renderFile() or parseFile(). The root option is meant to confine template file lookups to one directory, but top-level file loads skip that check and hand the requested path straight to the file system. As a result, even an instance whose root is an empty temporary directory will return the contents of any file the running process can read. If an attacker controls the path supplied to either call, the engine can expose sensitive configuration files, credentials, or other secrets, compromising data confidentiality and, where the leaked material (such as credentials) grants further access, application integrity.
Affected Systems
The affected component is harttle's LiquidJS (the liquidjs npm package), versions 10.25.0 through 10.25.2; 10.25.3 and later include the fix. Projects that bundle one of these releases, whether installed from npm or carried in a private fork, remain at risk until they upgrade or apply a mitigation such as validating template paths against the intended directory before passing them to the engine.
Risk and Exploitability
The CVSS base score of 6.3 places the issue at medium severity, and an EPSS score below 1% suggests a low likelihood of widespread exploitation; the vulnerability is not listed in the CISA KEV catalog. Exploitation requires the application to pass an attacker-influenced path to renderFile() or parseFile(). The root setting offers no protection here: the empty temporary root mentioned above only demonstrates that the check is absent at the top level, so any root value is bypassed by a path that resolves outside it. Note that the attacker supplies a malicious path, not a malicious template; the file at that path is read and returned as the rendered output. Whether the attack is local or remote depends on how the application derives the path, with a web handler that maps a request parameter to a template filename being the typical remote case.
OpenCVE Enrichment
Github GHSA