@trpc/server

npm2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting @trpc/serverpage 1 of 1

CVE-2025-43855HIGHCVSS 8.7EG 0.0✓ Fixed in 11.1.1
2025-04-24
tRPC allows users to build & consume fully typesafe APIs without schemas or code generation. In versions starting from 11.0.0 to before 11.1.1, an unhandled error is thrown when validating invalid connectionParams which crashes a tRPC WebS…
CVE-2025-68130HIGHCVSS 8.5EG 0.0✓ Fixed in 11.8.0
2025-12-16
tRPC allows users to build and consume fully typesafe APIs without schemas or code generation. Starting in version 10.27.0 and prior to versions 10.45.3 and 11.8.0, a A prototype pollution vulnerability exists in `@trpc/server`'s `formData…

Check whether @trpc/server is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for @trpc/server CVEs against the assets you own.

Start Free Scan →