Protection Mechanism Failure Affecting kibana-9.4 package, versions *
Threat Intelligence
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-MINIMOSLATEST-KIBANA94-17248728
- published9 Jun 2026
- disclosed17 Jun 2026
Introduced: 9 Jun 2026
NewCVE-2026-44646 (opens in a new tab)How to fix?
There is no fixed version for Minimos:latest kibana-9.4.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kibana-9.4 package and not the kibana-9.4 package as distributed by Minimos.
See How to fix? for Minimos:latest relevant fixed versions and status.
LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, Context.spawn() creates a child Context for the {% render %} tag but does not propagate the parent context's resolved ownPropertyOnly value, resulting in a silent bypass. The new context re-derives ownPropertyOnly from opts.ownPropertyOnly (the instance-level option), silently discarding any RenderOptions.ownPropertyOnly override that was supplied to parseAndRender(). As a result, a developer who runs a Liquid instance with the backwards-compatible ownPropertyOnly:false and then locks down an untrusted render with parseAndRender(..., { ownPropertyOnly: true }) still leaks prototype-chain properties from inside any {% render %} partial. This is a distinct exploit surface from the previously identified array-filter variants (where, reject, group_by, find, find_index, has) — the underlying root cause in Context.spawn() is shared, but {% render %} is a separately reachable sink that needs no filter usage. This issue has been fixed in version 10.26.0.
References
- https://www.cve.org/CVERecord?id=CVE-2026-44646
- https://github.com/advisories/GHSA-9x9p-qf8f-mvjg
- https://osv.dev/vulnerability/MINI-567w-g773-m59g
- https://osv.dev/vulnerability/CVE-2026-44646
- https://github.com/harttle/liquidjs/commit/dbbf6288030591bf6da28d8c1cce5a17bca97bb6
- https://github.com/harttle/liquidjs/releases/tag/v10.26.0
- https://github.com/harttle/liquidjs/security/advisories/GHSA-9x9p-qf8f-mvjg