8 matches found
EUVD-2025-31060
rollbar vulnerable to prototype pollution...
EUVD-2025-9800
Malicious code in bioql PyPI...
@afif_hh/composable (=1.0.2), @afif_hh/ui_components (>=1.0.5 <=1.0.30) +24 more potentially affected by CVE-2025-57325 via rollbar (>=2.10.0 <=2.26.4)
rollbar NPM version =2.10.0, =1.0.5, =1.0.0, =0.0.5, =0.0.2-beta.1, =0.5.4, =0.8.0, =2.0.0, =0.60.1, =0.20.0-beta.4, =1.0.0, =48.0.0, =1.0.0, =1.0.3 - bnjuilopjhgthtyi =99.99.99 and more Source cves: CVE-2025-57325 Source advisory: SNYK:JS-ROLLBAR-13110036...
PT-2025-39334
Name of the Vulnerable Software and Affected Versions: rollbar versions prior to 2.26.4 Description: rollbar is a package used for tracking and debugging errors in JavaScript applications. A flaw exists in the utility.set function that allows attackers to inject properties onto Object.prototype by...
CVE-2025-57325
Summary: Rollbar v2.26.4 and earlier are vulnerable to a Prototype Pollution in the internal function utility.set, allowing an attacker to inject properties into Object.prototype via crafted input, potentially causing a DoS. A fix is available in versions 2.26.5 and 3.0.0-beta5 or newer. The CVE ...
CVE-2025-32250
Cross-Site Request Forgery (CSRF) vulnerability in rollbar Rollbar rollbar allows Cross Site Request Forgery. This issue affects Rollbar: from n/a through <= 2.7.1...
CVE-2025-32250 WordPress Rollbar plugin <= 2.7.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in rollbar Rollbar rollbar allows Cross Site Request Forgery. This issue affects Rollbar: from n/a through <= 2.7.1...
PT-2025-15006 · Rollbar · Rollbar
Name of the Vulnerable Software and Affected Versions: Rollbar versions n/a through 2.7.1 Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For versions prior to 2.7.1, update t...