CVE-2025-62517 | rollbar.js up to 2.26.4/3.0.0-beta4 merge prototype pollution (GHSA-xcg2-9pp4-j82x)

A vulnerability was found in rollbar.js up to 2.26.4/3.0.0-beta4. It has been declared as problematic. This vulnerability affects the function merge. The manipulation results in improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability is identified as CVE-2025-62517. The attack can be executed remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More