pipecat-ai
PyPI3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting pipecat-aipage 1 of 1
- CVE-2025-62373CRITICALCVSS 9.8EG 9.8✓ Fixed in 0.0.942026-04-23
vulnerable: 0.0.41 ... 0.0.93 (53 versions)
Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. Versions 0.0.41 through 0.0.93 have a vulnerability in `LivekitFrameSerializer` – an optional, non-default, undocumented frame …
- CVE-2026-44716HIGHCVSS 7.5EG 7.5✓ Fixed in 1.2.02026-05-15
vulnerable: 0.0.100 ... 1.1.0 (21 versions)
Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. From version 0.0.90 to before version 1.2.0, a path traversal vulnerability exists in Pipecat's development runner (src/pipecat/r…
- CVE-2026-54695HIGHCVSS 7.5EG 7.5✓ Fixed in 1.4.02026-06-18
vulnerable: 0.0.100 ... 1.3.0 (37 versions)
Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. Prior to 1.4.0, the pipecat development runner registers a /ws WebSocket endpoint for telephony testing that accepts connections …
Check whether pipecat-ai is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for pipecat-ai CVEs against the assets you own.
Start Free Scan →