Please email disclosures@daily.co.
Security: pipecat-ai/pipecat
Security
SECURITY.md
-
Path Traversal in Pipecat Runner `/files` Endpoint — Arbitrary File Read via `%2F`-Encoded SeparatorGHSA-3363-2ph6-35wh published
May 15, 2026 by markbackmanHigh -
Remote Code Execution by Pickle Deserialization via LivekitFrameSerializer in pipecat-ai/pipecatGHSA-c2jg-5cp7-6wc7 published
Apr 23, 2026 by markbackmanCritical
Learn more about advisories related to pipecat-ai/pipecat in the GitHub Advisory Database