{"data":{"id":"8214eaa5-3c8d-4a15-bbb7-2614a5e75f3d","title":"GHSA-c2jg-5cp7-6wc7: Pipecat: Remote Code Execution by Pickle Deserialization Through LivekitFrameSerializer","summary":"Pipecat's LivekitFrameSerializer contains a critical vulnerability: its deserialize() method calls pickle.loads() (a Python function that reconstructs arbitrary objects from binary data) on untrusted WebSocket client data. Because unpickling can invoke arbitrary callables during object reconstruction, no input validation of the bytes can make this safe; any client able to reach the WebSocket endpoint can send a crafted pickle payload that executes arbitrary code on the server with the privileges of the Pipecat process, potentially compromising the entire system. This affects servers still using the now-deprecated LivekitFrameSerializer, and is most severe where that endpoint is reachable from external networks.","solution":"In Pipecat version 0.0.90 the vulnerable LivekitFrameSerializer class was officially deprecated in favor of a safer LiveKitTransport method; the advisory lists pipecat-ai 0.0.94 as the first fixed release. Deprecation alone does not remove the vulnerable code path, so operators should upgrade to pipecat-ai 0.0.94 or later, migrate to LiveKitTransport, and confirm that LivekitFrameSerializer is no longer instantiated anywhere in their deployment.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-c2jg-5cp7-6wc7","publishedAt":"2026-04-23T21:15:42.000Z","cveId":"CVE-2025-62373","cweIds":null,"cvssScore":null,"cvssSeverity":"critical","severity":"critical","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["pipecat-ai@>= 0.0.41, < 0.0.94 (fixed: 0.0.94)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["Pipecat","LiveKit"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-04-23T21:15:42.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":["AML.T0010"]}}