PatchSiren cyber security CVE debrief
CVE-2026-54695 pipecat-ai CVE debrief
The CVE record for CVE-2026-54695 was published on 2026-07-09T19:17:06.540Z and has not been modified since then. The NVD entry is currently Undergoing Analysis. This vulnerability affects Pipecat framework versions prior to 1.4.0, allowing unauthenticated call-control attacks. The Pipecat development runner registers a /ws WebSocket endpoint for telephony testing that accepts connections without authentication. An attacker can supply a callSid from a Twilio stream-start handshake, which is then passed to TwilioFrameSerializer. This allows the server to issue an authenticated Twilio REST API hang-up request with the server operator's credentials. Similar unauthenticated call-control sinks exist for Telnyx and Plivo. The issue is fixed in version 1.4.0.
- Vendor
- pipecat-ai
- Product
- pipecat
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-09
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-09
- Advisory updated
- 2026-07-10
Who should care
Users of Pipecat framework versions prior to 1.4.0 should apply the patch to prevent unauthenticated call-control attacks. Affected operators, platforms, vulnerability-management, and security teams should review the vulnerability's impact and take necessary actions. Compensating controls should be reviewed for exposed systems while remediation is scheduled and verified.
Technical summary
The Pipecat development runner registers a /ws WebSocket endpoint for telephony testing that accepts connections without authentication. An attacker can supply a callSid from a Twilio stream-start handshake, which is then passed to TwilioFrameSerializer. This allows the server to issue an authenticated Twilio REST API hang-up request with the server operator's credentials. Similar unauthenticated call-control sinks exist for Telnyx and Plivo. The issue is fixed in version 1.4.0. Affected product context and defensive impact should be considered when reviewing this vulnerability.
Defensive priority
High priority due to high CVSS score of 7.5 and potential for unauthenticated attacks. Defenders should verify the vulnerability's impact and take necessary actions to prevent exploitation.
Recommended defensive actions
- Apply the patch by upgrading to Pipecat version 1.4.0 or later
- Restrict access to the /ws WebSocket endpoint
- Monitor for suspicious activity on the WebSocket endpoint
- Implement authentication for the WebSocket endpoint
- Review and update configurations for Telnyx and Plivo
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
- Review compensating controls for exposed systems while remediation is scheduled and verified
Evidence notes
Evidence is based on the CVE record and NVD details. Limited information is available about the vulnerability's impact and affected systems. The CVE record was published on 2026-07-09T19:17:06.540Z and has not been modified since then. The NVD entry is currently Undergoing Analysis. Affected product deployments should be confirmed to exist in managed environments, and an owner should be assigned for follow-up. The official advisory or CVE record should be reviewed to validate affected scope, severity, and vendor guidance.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T19:17:06.540Z and has not been modified since then. The NVD entry is currently Undergoing Analysis.