CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Chainguard•added 2026/05/22 7:17 p.m.•7 views

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: chartmuseum, helm-exporter, chainctl-fips, tw, kargo, fuse-overlayfs-snapshotter, trivy-fips, kubevela-fips, grype-fips, xeol, kubescape-operator, docker-fips, helm-mapkubeapis, tigera-operator, neuvector, k3s, k8ssandra-client-fips, helm-exporter-fips, cg, k9s,...

EUVD•added 2026/04/23 9:15 p.m.•1 views

Exploits1

EUVD-2025-209570

Pipecat: Remote Code Execution by Pickle Deserialization Through LivekitFrameSerializer...

9.8CVSS5.8AI score0.00875EPSS

Exploits1References3

OSV•added 2026/04/23 9:15 p.m.•1 views

GHSA-C2JG-5CP7-6WC7 Pipecat: Remote Code Execution by Pickle Deserialization Through LivekitFrameSerializer

Remote Code Execution via Unsafe Deserialization in Pipecat's LivekitFrameSerializer Summary A critical vulnerability exists in Pipecat's LivekitFrameSerializer – an optional, non-default, undocumented frame serializer class now deprecated intended for LiveKit integration. The class's deserialize...

9.8CVSS7.1AI score0.00875EPSS

Exploits1References4

Snyk•added 2026/04/23 9:15 p.m.•7 views

Deserialization of Untrusted Data

Overview pipecat-ai is an An open source framework for voice and multimodal assistants Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the deserialize function of the LivekitFrameSerializer class, which uses pickle.loads on untrusted data received from...

9.8CVSS6.2AI score0.00875EPSS

Exploits1References2

Cvelist•added 2026/04/23 2:40 p.m.•28 views

CVE-2025-62373 Pipecat vulnerable to Remote Code Execution by Pickle Deserialization via LivekitFrameSerializer

9.8CVSS0.00875EPSS

Vulnrichment•added 2026/04/23 2:40 p.m.•3 views

CVE-2025-62373 Pipecat vulnerable to Remote Code Execution by Pickle Deserialization via LivekitFrameSerializer

9.8CVSS6.9AI score0.00875EPSS

CNNVD•added 2026/04/23 12:0 a.m.•5 views

Pipecat 代码问题漏洞

Pipecat is an open-source development framework developed by Pipecat that supports real-time audio and video stream processing as well as AI-powered dialogue interactions. Versions 0.0.41 to 0.0.93 of Pipecat contain code vulnerabilities. These vulnerabilities stem from the deserialize method of...

9.8CVSS6.2AI score0.00875EPSS

Chainguard•added 2026/04/03 7:17 p.m.•5 views

CVE-2026-34986 vulnerabilities

Vulnerabilities for packages: witness, gitlab-kas-fips, kargo, trivy-fips, grafana-alloy, crossplane-provider-gcp, grype-fips, sigstore-scaffolding-fips, terraform-provider-acme, step-kms-plugin, consul-fips, vault-csi-provider, bento, crossplane-provider-terraform-fips, harbor-registry, dapr-fip...

7.5CVSS6.8AI score0.00035EPSS

Chainguard•added 2026/03/31 7:55 a.m.•4 views

CVE-2026-33762 vulnerabilities

Vulnerabilities for packages: witness, chainctl-fips, flux-fips, kargo, external-secrets-operator, gitaly-fips, trivy-fips, kubevela-fips, pulumi-language-dotnet, snyk-cli, grafana-alloy, trufflehog, grype-fips, rancher-fleet-fips, gitaly, xeol, gomplate-fips, gitsign, src-fingerprint, flux, cg,...

2.8CVSS5.4AI score0.00005EPSS

Chainguard•added 2026/03/31 7:55 a.m.•4 views

GHSA-GM2X-2G9H-CCM8 vulnerabilities

Chainguard•added 2026/03/31 7:55 a.m.•4 views

CVE-2026-34165 vulnerabilities

5CVSS7.5AI score0.00005EPSS

Chainguard•added 2026/03/27 7:17 a.m.•2 views

GHSA-4C29-8RGM-JVJJ vulnerabilities

Vulnerabilities for packages: osv-scanner, trivy-fips, scorecard, trivy-operator-fips, kubescape-server, buildah, guac, skaffold, docker-fips, conftest-fips, kaniko, cloudbeat, conftest, docker-cli-buildx, buildah-fips, docker-cli-buildx-fips, zot, kaniko-fips, cloudbeat-fips, docker-compose-fips...

Chainguard•added 2026/03/27 7:17 a.m.•2 views

GHSA-4VRQ-3VRQ-G6GG vulnerabilities

Chainguard•added 2026/03/27 7:17 a.m.•4 views

CVE-2026-33747 vulnerabilities

9.8CVSS5.4AI score0.00063EPSS

Chainguard•added 2026/03/27 7:17 a.m.•3 views

CVE-2026-33748 vulnerabilities

8.2CVSS7.1AI score0.00032EPSS

Chainguard•added 2026/03/20 7:17 a.m.•1 views

CVE-2026-33252 vulnerabilities

Vulnerabilities for packages: ferretdb, flux-operator, glab, opencost, gitlab-workhorse-ce-fips, osv-scanner, jaeger-fips, flux-operator-fips, jaeger, datadog-agent, livekit-cli, opencost-fips, datadog-agent-fips, gitlab-workhorse-ce...

7.1CVSS6.3AI score0.00009EPSS

Chainguard•added 2026/03/20 7:17 a.m.•2 views

GHSA-Q382-VC8Q-7JHJ vulnerabilities

Chainguard•added 2026/03/20 7:17 a.m.•1 views

GHSA-89XV-2J6F-QHC8 vulnerabilities

Chainguard•added 2026/02/28 7:17 p.m.•3 views

GHSA-9H8M-3FM2-QJRQ vulnerabilities

Vulnerabilities for packages: witness, kong-ingress-controller, trivy-fips, cluster-api-gcp-controller, terraform, crossplane-provider-gcp, grype-fips, docker-fips, apm-server, aws-ebs-csi-driver-fips, tekton-chains, fluent-operator, seaweedfs, dkron, steampipe,...