CVE-2025-57328

Name of the Vulnerable Software and Affected Versions toggle-array versions prior to 1.0.1

Description The toggle-array package has a flaw where the enable and disable functions can be exploited to inject properties onto Object.prototype by providing a specially crafted payload. This is a Prototype Pollution issue. The package is designed to enable a property on a specific object within an array while disabling it on others. Successful exploitation can lead to a denial of service (DoS).

Recommendations Update to a version newer than 1.0.1.