CVE-2026-55575 - LiquidJS: `pop` filter bypasses `memoryLimit` accounting that its array-filter siblings enforce
CVE ID :CVE-2026-55575 Published : July 8, 2026, 8:16 p.m. | 58 minutes ago Description :LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.27.1, the pop array filter at src/filters/array.ts allocated a full clone of its input array via...