diff --git a/CHANGELOG.md b/CHANGELOG.md index 4058886..59a8ab8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## 2023 +- [4.2.4](#424-2023-05-31) (May 2023) +- [3.4.3](#343-2023-05-22) (May 2023) (from the [3.4.x](https://github.com/socketio/socket.io-parser/tree/3.4.x) branch) - [4.2.3](#423-2023-05-22) (May 2023) - [4.2.2](#422-2023-01-19) (Jan 2023) @@ -42,12 +44,31 @@ # Release notes +## [4.2.4](https://github.com/socketio/socket.io-parser/compare/4.2.3...4.2.4) (2023-05-31) + + +### Bug Fixes + +* ensure reserved events cannot be used as event names ([d9db473](https://github.com/socketio/socket.io-parser/commit/d9db4737a3c8ce5f1f49ecc8d928a74f3da591f7)) +* properly detect plain objects ([b0e6400](https://github.com/socketio/socket.io-parser/commit/b0e6400c93b5c4aa25e6a629d6448b8627275213)) + + + +## [3.4.3](https://github.com/socketio/socket.io-parser/compare/3.4.2...3.4.3) (2023-05-22) + + +### Bug Fixes + +* check the format of the event name ([2dc3c92](https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced)) + + + ## [4.2.3](https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.3) (2023-05-22) ### Bug Fixes -* check the format of the event name ([9be1167](https://github.com/socketio/socket.io-parser/commit/9be11670dfef7745cef9f17e28ebd2f4fc522e9e)) +* check the format of the event name ([3b78117](https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3)) diff --git a/lib/index.ts b/lib/index.ts index 4319d2c..2cea37e 100644 --- a/lib/index.ts +++ b/lib/index.ts 
@@ -5,6 +5,18 @@ import debugModule from "debug"; // debug() const debug = debugModule("socket.io-parser"); // debug() +/** + * These strings must not be used as event names, as they have a special meaning. + */ +const RESERVED_EVENTS = [ + "connect", // used on the client side + "connect_error", // used on the client side + "disconnect", // used on both sides + "disconnecting", // used on the server side + "newListener", // used by the Node.js EventEmitter + "removeListener", // used by the Node.js EventEmitter +]; + /** * Protocol version. * @@ -119,6 +131,11 @@ export class Encoder { } } +// see https://stackoverflow.com/questions/8511281/check-if-a-value-is-an-object-in-javascript +function isObject(value: any): boolean { + return Object.prototype.toString.call(value) === "[object Object]"; +} + interface DecoderReservedEvents { decoded: (packet: Packet) => void; } @@ -268,16 +285,18 @@ export class Decoder extends Emitter<{}, {}, DecoderReservedEvents> { private static isPayloadValid(type: PacketType, payload: any): boolean { switch (type) { case PacketType.CONNECT: - return typeof payload === "object"; + return isObject(payload); case PacketType.DISCONNECT: return payload === undefined; case PacketType.CONNECT_ERROR: - return typeof payload === "string" || typeof payload === "object"; + return typeof payload === "string" || isObject(payload); case PacketType.EVENT: case PacketType.BINARY_EVENT: return ( Array.isArray(payload) && - (typeof payload[0] === "string" || typeof payload[0] === "number") + (typeof payload[0] === "number" || + (typeof payload[0] === "string" && + RESERVED_EVENTS.indexOf(payload[0]) === -1)) ); case PacketType.ACK: case PacketType.BINARY_ACK: diff --git a/package.json b/package.json index 0f375d5..478c8fe 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "socket.io-parser", - "version": "4.2.3", + "version": "4.2.4", "description": "socket.io protocol parser", "repository": { "type": "git", 
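Review bot: `RESERVED_EVENTS` in the first lib/index.ts hunk (`@@ -5,6 +5,18 @@`) lists `newListener` and `removeListener` but not `error`, which the Node.js EventEmitter also treats specially: emitting it with no listener registered throws. If the omission is deliberate because applications use `error` as an ordinary event name, the doc comment above the constant should say so and name where the receiving side guards against an unhandled `error`; otherwise it belongs in the list. The array is also a mutable `string[]`; declaring it as `const RESERVED_EVENTS: readonly string[] = [` keeps other code in the module from altering the denylist and still allows `indexOf`.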
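Review bot: `isObject` in the hunk at `@@ -119,6 +131,11 @@` is documented only by a link, so the reason it replaces `typeof payload === "object"` is not recorded next to the code. `typeof` also reports `"object"` for arrays and `null`, and a comment such as `// unlike typeof, this rejects arrays and null` would state what the validation now relies on. The parameter can be `value: unknown` instead of `any`, since the body only passes it to `Object.prototype.toString.call`.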
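Review bot: The EVENT / BINARY_EVENT branch in the hunk at `@@ -268,16 +285,18 @@` has no comment saying why a string name is rejected, so the `RESERVED_EVENTS.indexOf(payload[0]) === -1` test reads as arbitrary at the point of use. A line above the `return` such as `// reject reserved names so a remote packet cannot be dispatched as a local lifecycle event` would record the intent; that rationale is inferred from the constant's doc comment, so confirm the wording. The comment could also note that numeric names are still accepted unchanged. `isPayloadValid` continues outside the hunk.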
diff --git a/test/parser.js b/test/parser.js index c78e675..46a6e1b 100644 --- a/test/parser.js +++ b/test/parser.js @@ -115,12 +115,15 @@ describe("socket.io-parser", () => { isInvalidPayload('442["some","data"'); isInvalidPayload('0/admin,"invalid"'); + isInvalidPayload("0[]"); isInvalidPayload("1/admin,{}"); isInvalidPayload('2/admin,"invalid'); isInvalidPayload("2/admin,{}"); isInvalidPayload('2[{"toString":"foo"}]'); isInvalidPayload('2[true,"foo"]'); isInvalidPayload('2[null,"bar"]'); + isInvalidPayload('2["connect"]'); + isInvalidPayload('2["disconnect","123"]'); expect(() => new Decoder().add("999")).to.throwException( /^unknown packet type 9$/
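Review bot: The two added reserved-name cases cover only `connect` and `disconnect` on a plain EVENT packet, so removing any of the other four entries from `RESERVED_EVENTS` would not fail this test. Adding `isInvalidPayload('2["newListener"]');` and `isInvalidPayload('2["disconnecting"]');` would pin more of the list. The CONNECT_ERROR branch changed by the same commit has no array or `null` case here; only `"0[]"` exercises the new `isObject` check. The enclosing test starts before the hunk.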