Known Vulnerabilities for Shopify by Vendor
Listed below are 10 of the newest known vulnerabilities associated with "Shopify" by "Vendor".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-57748 json | Contributor Local File Inclusion in Shopify <= 1.0.0 versions. | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-55575 json | LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.27.1, the pop array filter at... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-45617 json | LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, the ... | Not Provided | 2026-06-17 | 2026-06-18 |
| CVE-2026-45357 json | LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, the ... | Not Provided | 2026-06-17 | 2026-06-18 |
| CVE-2026-44646 json | LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, Cont... | Not Provided | 2026-06-17 | 2026-06-18 |
| CVE-2026-44645 json | LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, the ... | Not Provided | 2026-06-17 | 2026-06-18 |
| CVE-2026-44644 json | LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. Versions 10.25.7 and below are vuln... | Not Provided | 2026-06-17 | 2026-06-18 |
| CVE-2026-41311 json | LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.7, a circular bloc... | Not Provided | 2026-05-09 | 2026-05-11 |
| CVE-2025-31795 json | Missing Authorization vulnerability in Plugin Devs Shopify to WooCommerce Migration migrate-shopify-to-woocommerce allows Exp... | Not Provided | 2025-04-03 | 2026-04-23 |
| CVE-2025-30999 json | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Faha... | Not Provided | 2025-06-06 | 2026-04-23 |