Trpc · Trpc · CVE-2025-43855
**Name of the Vulnerable Software and Affected Versions**
tRPC versions 11.0.0 through 11.1.0
**Description**
The issue allows any unauthenticated user to crash a tRPC 11 WebSocket server by throwing an unhandled error when validating invalid `connectionParams`. This affects tRPC 11 servers with WebSocket enabled and a `createContext` method set.
**Recommendations**
For versions 11.0.0 through 11.1.0, update to version 11.1.1 to resolve the issue.