diff --git a/src/analyzer/protocol/quic/QUIC.evt b/src/analyzer/protocol/quic/QUIC.evt
index c70717851f..b81b0084db 100644
--- a/src/analyzer/protocol/quic/QUIC.evt
+++ b/src/analyzer/protocol/quic/QUIC.evt
@@ -20,3 +20,5 @@ on QUIC::ZeroRTTPacket -> event QUIC::zero_rtt_packet($conn, $is_orig, self.head
 on QUIC::ConnectionClosePayload -> event QUIC::connection_close_frame($conn, $is_orig, self.header.version, self.header.dest_conn_id, self.header.src_conn_id, self.error_code.result, self.reason_phrase);
+
+on QUIC::UnhandledVersion -> event QUIC::unhandled_version($conn, $is_orig, self.header.version, self.header.dest_conn_id, self.header.src_conn_id);
diff --git a/src/analyzer/protocol/quic/QUIC.spicy b/src/analyzer/protocol/quic/QUIC.spicy
index 284e152e40..df5e89d7ca 100644
--- a/src/analyzer/protocol/quic/QUIC.spicy
+++ b/src/analyzer/protocol/quic/QUIC.spicy
@@ -204,6 +204,16 @@ public type LongHeaderPacketV2 = unit(inout outer: LongHeaderPacket) {
 };
 };
+# Just eat the data for event raising.
+public type UnhandledVersion = unit(header: LongHeaderPacket) {
+ var header: LongHeaderPacket = header;
+@if SPICY_VERSION >= 10800
+ payload: skip bytes &eod;
+@else
+ payload: bytes &eod;
+@endif
+};
+
 public type LongHeaderPacket = unit {
 var encrypted_offset: uint64;
 var payload_length: uint64;
@@ -228,6 +238,9 @@ public type LongHeaderPacket = unit {
 switch ( self.version ) {
 Version1 -> v1: LongHeaderPacketV1(self);
 Version2 -> v2: LongHeaderPacketV2(self);
+ * -> unknown: UnhandledVersion(self) {
+ throw "unhandled QUIC version 0x%x" % self.version;
+ }
 };
 };
diff --git a/testing/btest/Baseline/scripts.base.protocols.quic.vector-max-size-crash/analyzer.log.cut b/testing/btest/Baseline/scripts.base.protocols.quic.vector-max-size-crash/analyzer.log.cut
index 2b3de832a7..a8d2f384e3 100644
--- a/testing/btest/Baseline/scripts.base.protocols.quic.vector-max-size-crash/analyzer.log.cut
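Review bot: The comment on `UnhandledVersion` (QUIC.spicy, hunk at -204) does not explain why there are two `payload` variants. With `SPICY_VERSION >= 10800` the remaining bytes are skipped, while the `@else` branch keeps the sender-controlled remainder in a `bytes` field that nothing in the hunk reads. Keeping it looks harmless for a single packet, but it is worth stating so that nobody starts consuming `payload` on one branch only. Suggested wording: `# Consume the remaining bytes so the unit completes and the event can be raised; the payload is never used (skipped where Spicy supports skip fields).`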
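Review bot: The new `*` arm of `switch ( self.version )` (QUIC.spicy, hunk at -228) parses `UnhandledVersion` first and only then throws, and nothing in the hunk documents that ordering. One long-header packet with an unrecognised version therefore both raises `QUIC::unhandled_version` and records a protocol violation. The version field is chosen by the sender, and RFC 9000 reserves the 0x?a?a?a?a pattern for clients that deliberately exercise version negotiation, so this arm will presumably be hit by benign traffic as well as malformed input. Whether Version Negotiation packets (version 0) also reach it cannot be told from the visible lines. I would add a comment on the arm such as `# Parse the remainder first so the event fires, then flag the packet as a violation.` and note in the event's documentation that `version` and both connection IDs are untrusted values. The `LongHeaderPacket` unit starts outside the hunk.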
+++ b/testing/btest/Baseline/scripts.base.protocols.quic.vector-max-size-crash/analyzer.log.cut
@@ -1,3 +1,3 @@
 ### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
 ts uid cause analyzer_kind analyzer_name failure_reason
-1693925959.000001 CHhAvVGS1DHFjwGM9 violation protocol QUIC &requires failed: self.length.result >= 20 (<...>/QUIC.spicy::)
+1693925959.000001 CHhAvVGS1DHFjwGM9 violation protocol QUIC unhandled QUIC version 0x10010000 (<...>/QUIC.spicy::)
diff --git a/testing/btest/Baseline/scripts.base.protocols.quic.vector-max-size-crash/out b/testing/btest/Baseline/scripts.base.protocols.quic.vector-max-size-crash/out
new file mode 100644
index 0000000000..3f16ba040c
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.quic.vector-max-size-crash/out
@@ -0,0 +1,2 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+QUIC::unhandled_version, CHhAvVGS1DHFjwGM9, T, 268500992, \x00,
diff --git a/testing/btest/scripts/base/protocols/quic/vector-max-size-crash.zeek b/testing/btest/scripts/base/protocols/quic/vector-max-size-crash.zeek
index 78e9adeb9b..77636fc5f2 100644
--- a/testing/btest/scripts/base/protocols/quic/vector-max-size-crash.zeek
+++ b/testing/btest/scripts/base/protocols/quic/vector-max-size-crash.zeek
@@ -1,11 +1,15 @@
 # @TEST-DOC: Test that runs the pcap
 # @TEST-REQUIRES: ${SCRIPTS}/have-spicy
-# @TEST-EXEC: zeek -Cr $TRACES/quic/vector-max-size-crash.pcap base/protocols/quic
+# @TEST-EXEC: zeek -Cr $TRACES/quic/vector-max-size-crash.pcap base/protocols/quic %INPUT > out
 # @TEST-EXEC: zeek-cut -m ts uid history service < conn.log > conn.log.cut
 # @TEST-EXEC: zeek-cut -m ts uid cause analyzer_kind analyzer_name failure_reason < analyzer.log > analyzer.log.cut
 # @TEST-EXEC: btest-diff conn.log.cut
+# @TEST-EXEC: btest-diff out
-# Only run btest-ddiff on analyzer.log with 6.1-dev or later. The violation
-# reporting has more detail in later versions.
-# @TEST-EXEC: zeek -b -e 'exit(Version::info$version_number < 60100 ? 0 : 1)' || TEST_DIFF_CANONIFIER='sed -r "s/\((.+)\.spicy:[0-9]+:[0-9]+\)/(\1.spicy::)/g" | $SCRIPTS/diff-remove-abspath' btest-diff analyzer.log.cut
+# @TEST-EXEC: TEST_DIFF_CANONIFIER='sed -r "s/\((.+)\.spicy:[0-9]+:[0-9]+\)/(\1.spicy::)/g" | $SCRIPTS/diff-remove-abspath' btest-diff analyzer.log.cut
+
+event QUIC::unhandled_version(c: connection, is_orig: bool, version: count, dcid: string, scid: string)
+ {
+ print "QUIC::unhandled_version", c$uid, is_orig, version, dcid, scid;
+ }
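Review bot: This test appears to stop covering the length check it was named for. The analyzer.log baseline for the same trace changes from `&requires failed: self.length.result >= 20` to `unhandled QUIC version 0x10010000`, which suggests the packet is now rejected at the new version arm before that check is reached. If the earlier path still matters as a crash regression, it probably needs its own trace with a handled version. The `@TEST-DOC` line is also too generic for what is now asserted; something like `# @TEST-DOC: A long-header packet with an unhandled QUIC version raises QUIC::unhandled_version and a protocol violation.` would describe it.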