Description
rollbar is a package designed to effortlessly track and debug errors in JavaScript applications. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. A Prototype Pollution vulnerability in the utility.set function of rollbar v2.26.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 2.26.4
References
Related Issues
- csvjson vulnerable to prototype injection - CVE-2025-57318
- devalue prototype pollution vulnerability - CVE-2025-57820
- js-toml Prototype Pollution Vulnerability - CVE-2025-54803
- Command Injection in create-choo-electron - CVE-2022-25908
- Tags:
- npm
- rollbar
Anything's wrong? Let us know Last updated on September 26, 2025