EXECUTIVE SUMMARY:
CVE-2026-54328 with a CVSS score of 7.3 is a vulnerability in the Pi Agent, specifically in the @earendil-works/pi-coding-agent and @mariozechner/pi-coding-agent packages, that allows predictable temporary extension installation paths, enabling local privilege escalation on shared Linux hosts. The flaw exists in the temporary npm or Git extension package installation process, where installation paths are deterministic and located within the operating system's temporary directory, allowing an attacker to prepare the expected package location before another user runs Pi with a temporary extension package source. An attacker with access to the same host can exploit this issue by writing malicious content to the shared temporary directory and preparing the expected package location. Successful exploitation enables arbitrary extension code execution under the victim user's privileges, potentially leading to unauthorized file access, data modification, denial of service, or data loss. The business impact is particularly significant on shared Linux-based multi-user environments such as development systems, CI runners, and HPC login nodes, where temporary directories are shared among users. Exploitation requires a victim to run a vulnerable Pi Agent instance with a temporary npm or Git extension package source that resolves to an attacker-controlled location.[/subscribe_to_unlock_form]
EXECUTIVE SUMMARY:
CVE-2026-54328 with a CVSS score of 7.3 is a vulnerability in the Pi Agent, specifically in the @earendil-works/pi-coding-agent and @mariozechner/pi-coding-agent packages, that allows predictable temporary extension installation paths, enabling local privilege escalation on shared Linux hosts. The flaw exists in the temporary npm or Git extension package installation process, where installation paths are deterministic and located within the operating system's temporary directory, allowing an attacker to prepare the expected package location before another user runs Pi with a temporary extension package source. An attacker with access to the same host can exploit this issue by writing malicious content to the shared temporary directory and preparing the expected package location. Successful exploitation enables arbitrary extension code execution under the victim user's privileges, potentially leading to unauthorized file access, data modification, denial of service, or data loss. The business impact is particularly significant on shared Linux-based multi-user environments such as development systems, CI runners, and HPC login nodes, where temporary directories are shared among users. Exploitation requires a victim to run a vulnerable Pi Agent instance with a temporary npm or Git extension package source that resolves to an attacker-controlled location.[emaillocker id="1283"]
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
[/emaillocker]