Product
A remote code execution vulnerability exists in LiquidJS versions prior to 10.26.0, where crafted templates can execute arbitrary code by manipulating the `valueOf` filter and leveraging function calls via a comparable gadget.