In LiquidJS versions 10.25.7 and earlier, the Context.spawn() function creates a child context for the {% render %} tag but fails to carry over the parent context's resolved ownPropertyOnly value. Instead, it re-derives ownPropertyOnly from the instance-level option opts.ownPropertyOnly, ignoring any override supplied to parseAndRender(). This results in a security bypass where prototype-chain properties can leak from untrusted partial renders despite attempts to restrict them. This vulnerability is distinct from prior array-filter related issues but shares the same root cause in Context.spawn(). The vulnerability has been addressed in version 10.26.0.

An attacker can exploit this vulnerability to bypass property access restrictions in untrusted template renders, causing leakage of prototype-chain properties. This may expose sensitive data or internal state that should be inaccessible. The vulnerability does not affect integrity or availability but impacts confidentiality. The CVSS score is 5.3 (medium severity) with network attack vector, low complexity, no privileges required, no user interaction, and impact limited to confidentiality.

Upgrade to LiquidJS version 10.26.0 or later where this issue is fixed. No other official remediation or temporary fix is documented. Until upgraded, be aware that using parseAndRender() with ownPropertyOnly:true does not fully prevent prototype property leakage in {% render %} partials.