HIGH 7.5 PyPI
GHSA-3363-2ph6-35wh · CVE-2026-44716 Pipecat: Path Traversal in Pipecat Runner `/files` Endpoint — Arbitrary File Read via `%2F`-Encoded Separator
Modified: 6/10/2026
package
PyPI / pipecat-ai
pkg:pypi/pipecat-ai
CRITICAL 9.8 PyPI
GHSA-c2jg-5cp7-6wc7 · CVE-2025-62373 Pipecat: Remote Code Execution by Pickle Deserialization Through LivekitFrameSerializer
Modified: 4/23/2026