diff --git a/index.js b/index.js
index 99c5cd5..0eac2b3 100755
--- a/index.js
+++ b/index.js
@@ -66,7 +66,17 @@ var Logger = function(config) {
 config = config || {};
 this._mute = false;
- this.config = _.merge({}, defaults, config);
+ var safeConfig = {};
+ for (var attr in config) {
+ if (!config.hasOwnProperty(attr)) {
+ continue;
+ }
+ if (attr === "__proto__" || attr === "constructor" || attr === "prototype") {
+ continue;
+ }
+ safeConfig[attr] = config[attr];
+ }
+ this.config = _.merge({}, defaults, safeConfig);
 this.addLevelMethods(this.config.levels);
 this._memo = {};
diff --git a/package-lock.json b/package-lock.json
index 1f99318..2774251 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
 "name": "eazy-logger",
- "version": "4.0.1",
+ "version": "4.1.0",
 "lockfileVersion": 2,
 "requires": true,
 "packages": {
 "": {
 "name": "eazy-logger",
- "version": "4.0.1",
+ "version": "4.1.0",
 "dependencies": {
 "chalk": "4.1.2"
 },
diff --git a/package.json b/package.json
index b35b3a6..1ce07a6 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
 "name": "eazy-logger",
 "description": "Simple cli logger",
- "version": "4.0.1",
+ "version": "4.1.0",
 "homepage": "https://github.com/shakyshane/easy-logger",
 "author": {
 "name": "Shane Osbourne"
diff --git a/test/log.js b/test/log.js
index a005139..2c8d962 100644
--- a/test/log.js
+++ b/test/log.js
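Review bot: `config.hasOwnProperty(attr)` in the new filter loop throws a TypeError when a caller passes a null-prototype object (`Object.create(null)`, a common choice precisely for untrusted dictionaries), because such objects have no `hasOwnProperty` method; use `if (!Object.prototype.hasOwnProperty.call(config, attr)) { continue; }` or iterate `Object.keys(config)` instead. The filter also only inspects top-level keys while `_.merge` is a deep merge, so a `__proto__` or `constructor` key nested under another option (for example inside `levels`, which `this.config.levels` shows is merged) still reaches `_.merge` unfiltered; whether that is exploitable depends on the `_` implementation and version, which are not visible in this diff, so it is worth either recursing the filter or confirming the merge is itself pollution-safe. The body of `Logger` starts before and continues after this hunk.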
@@ -308,4 +308,22 @@ describe("Logging", function(){
 assert.equal(actual, expected);
 });
+
+ it("should handle prototype pollution attempts safely", function () {
+ const lib = easyLogger;
+ console.log("Before Attack: ", JSON.stringify( Object.getPrototypeOf({})));
+
+ try {
+ // for multiple functions, uncomment only one for each execution.
+ lib.Logger(JSON.parse("{\"__proto__\":{\"pollutedKey\":123}}"));
+ } catch (e) {
+ }
+
+ console.log("After Attack: ", JSON.stringify(Object.getPrototypeOf({})));
+
+ assert.notProperty(Object.prototype, "pollutedKey", "Prototype pollution occurred");
+
+ // Cleanup if any property was added
+ delete Object.prototype.pollutedKey;
+ });
 });
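Review bot: The empty `catch (e) {}` around `lib.Logger(...)` lets the test pass vacuously whenever the call throws before the merge runs — for instance if `Logger` is the plain constructor function shown in index.js and is invoked here without `new` in strict mode — so a regression in the sanitizing could never be observed; drop the try/catch so an unexpected throw fails the test. The `delete Object.prototype.pollutedKey` cleanup is placed after `assert.notProperty`, which throws on failure, so on exactly the run that matters the polluted key is left behind for every later test; read the state into a local, delete, then assert on the local. The comment `// for multiple functions, uncomment only one for each execution.` refers to nothing in this test and the two `console.log` lines are noise in the test output; remove them. Whether the call needs `new` depends on how `easyLogger.Logger` is exported, which this diff does not show. The enclosing `describe` block starts before the hunk.
```javascript
  it("should handle prototype pollution attempts safely", function () {
    const lib = easyLogger;
    // No try/catch: an unexpected throw here must fail the test, not hide it.
    lib.Logger(JSON.parse("{\"__proto__\":{\"pollutedKey\":123}}"));

    // Capture, clean up, then assert so a failure cannot leak into later tests.
    const polluted = Object.prototype.hasOwnProperty.call(Object.prototype, "pollutedKey");
    delete Object.prototype.pollutedKey;
    assert.equal(polluted, false, "Prototype pollution occurred");
  });
```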