Severity: Critical
CVSS Score: 9.8
Insecure permissions in pipecd v0.49 allow attackers to gain access to the service account's token, leading to escalation of privileges.