CVE-2025-43855 – Apache tRPC WebSocket Server Crash Vulnerability (Denial of Service)

April 24, 2025

CVE ID : CVE-2025-43855

Published : April 24, 2025, 2:15 p.m. | 44 minutes ago

Description : tRPC allows users to build & consume fully typesafe APIs without schemas or code generation. In versions starting from 11.0.0 to before 11.1.1, an unhandled error is thrown when validating invalid connectionParams which crashes a tRPC WebSocket server. This allows any unauthenticated user to crash a tRPC 11 WebSocket server. Any tRPC 11 server with WebSocket enabled with a createContext method set is vulnerable. This issue has been patched in version 11.1.1.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticlePlaywright Report Portal Integration Guide

Next Article CVE-2025-30409 – Acronis Cyber Protect Cloud Agent Denial of Service

Highlights

CVE-2025-9669 – Jinher OA SQL Injection Vulnerability

August 29, 2025

CVE ID : CVE-2025-9669

Published : Aug. 29, 2025, 7:15 p.m. | 6 hours, 12 minutes ago

Description : A vulnerability has been found in Jinher OA 1.0. This issue affects some unknown processing of the file GetTreeDate.aspx. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

Is Lenovo’s refreshed LOQ tower enough to compete? New OLED monitors raise the stakes at IFA 2025

External Forces Reshaping Financial Services in 2025 and Beyond

External Forces Reshaping Financial Services in 2025 and Beyond

Why It’s Time to Move from SharePoint On-Premises to SharePoint Online

Apple’s Big Move: The Future of Mobile

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

CVE-2025-43855 – Apache tRPC WebSocket Server Crash Vulnerability (Denial of Service)

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

Seriot – serial monitor and serial plotter

Rilasciata Linux Kamarada 15.6: Una Distribuzione GNU/Linux Basata su openSUSE

Copilot ask, edit, and agent modes: What they do and when to use them

CISA warns of ConnectWise ScreenConnect bug exploited in attacks

CVE-2025-9669 – Jinher OA SQL Injection Vulnerability

CVE-2025-41439 – RICOH Streamline NX Reflected Cross-Site Scripting Vulnerability

AI tool Brandolia reaches 600 sign-ups in its first week

CVE-2025-3858 – WordPress Formality Plugin Stored Cross-Site Scripting Vulnerability

CVE-2025-43855 – Apache tRPC WebSocket Server Crash Vulnerability (Denial of Service)

Related Posts