Path Traversal Vulnerability in Pipecat Framework for Voice Agents
CVE-2026-44716

7.5HIGH

Key Information:

Vendor

Pipecat-ai

Status
Vendor
CVE Published:
9 June 2026

What is CVE-2026-44716?

Pipecat, an open-source Python framework for developing conversational agents, is prone to a path traversal vulnerability in its development runner. This vulnerability allows a malicious user to manipulate the filename path parameter within the GET /files/{filename:path} download endpoint, exposing sensitive files on the server. By using the --folder flag, an attacker can send an unauthenticated HTTP request to access files beyond the intended directory, potentially gaining access to SSH private keys, credentials, and other critical system files. This security issue was addressed in Pipecat version 1.2.0.

Affected Version(s)

pipecat >= 0.0.90, < 1.2.0

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.