CVE-2026-54328
Predictable Temporary Path Vulnerability in Pi Terminal Coding Harness

Publication date: 2026-06-23

Last updated on: 2026-06-23

Assigner: GitHub, Inc.

Description
Pi is a minimal terminal coding harness. From 0.74.0 until 0.78.1, Pi versions with temporary npm or git extension package installs used predictable paths under the operating system temporary directory. On Linux-based multi-user systems, a local attacker who can write to the shared temporary directory could prepare the expected package location before another user runs pi with a temporary extension package source. Pi could then load attacker-controlled extension code in the victim user's process. This vulnerability is fixed in 0.78.1.
Meta Information
Generated: 2026-06-24
AI Q&A: 2026-06-24
EPSS Evaluated: N/A
Affected Vendors & Products (4 associated CPEs)

Vendor          Product           Version / Range
earendil-works  pi                from 0.74.0 (inclusive) to 0.78.1 (exclusive)
earendil-works  pi                0.78.1
mariozechner    pi-coding-agent   from 0.50.0 (inclusive) to 0.73.1 (inclusive)
mariozechner    pi-coding-agent   0.73.1
CWE
CWE-379: The product creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file.
Compliance Impact

The vulnerability allows local privilege escalation across user accounts on multi-user Linux systems: a local attacker can have Pi load attacker-controlled extension code in the victim user's process, giving arbitrary code execution as that user. This can lead to unauthorized file access, denial of service, or data loss.

Such unauthorized access and potential data loss could impact compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and prevention of unauthorized access.

Therefore, if exploited, this vulnerability could result in violations of data protection requirements under these regulations.

The fix involves moving temporary extensions to a private per-user directory with restricted permissions, mitigating the risk.

Executive Summary

CVE-2026-54328 is a vulnerability in the Pi coding agent versions from 0.74.0 up to but not including 0.78.1. It occurs because temporary extension packages installed via npm or git use predictable paths under the system's temporary directory on Linux-based multi-user systems.

A local attacker who has write access to the shared temporary directory can pre-create the expected package location. When another user runs Pi with a temporary extension package source, Pi may load the attacker-controlled extension code in the victim user's process.

Since the extensions execute with the same privileges as the invoking user, this can lead to arbitrary code execution, file access, denial of service, or data loss.

The vulnerability mainly affects multi-user Linux systems where the temporary directory is shared. It is fixed in version 0.78.1 by moving temporary extensions to a private per-user directory with restricted permissions.

Impact Analysis

This vulnerability can allow a local attacker on a multi-user Linux system to escalate privileges by executing arbitrary code within the context of another user running Pi.

  • Arbitrary code execution in the victim user's process.
  • Unauthorized file access.
  • Denial of service.
  • Potential data loss.

The attack requires the attacker to have write access to the shared temporary directory and some user interaction (the victim must run Pi with a temporary extension package source), but the impact is high because the attacker's code runs with the victim user's privileges.

Detection Guidance

This vulnerability involves Pi versions that install temporary npm or git extension packages into predictable paths under the system temporary directory (os.tmpdir()/pi-extensions). Detection means checking whether a Pi version from 0.74.0 up to but not including 0.78.1 (or a corresponding vulnerable version of pi-coding-agent) is installed, and whether temporary extension packages are being installed or loaded from the shared temporary directory.

On a Linux multi-user system, you can inspect the shared temporary directory for the presence of pi extension folders or suspicious files that could indicate exploitation attempts.

  • Check Pi version installed: `pi --version` or check package.json dependencies for @earendil-works/pi-coding-agent or @mariozechner/pi-coding-agent versions.
  • List contents of the shared temporary directory used by Pi extensions: `ls -la /tmp/pi-extensions` or `ls -la $(node -p "require('os').tmpdir()")/pi-extensions`
  • Look for unexpected or suspicious files or directories in the temporary extension path that could indicate pre-placed attacker code. A pi-extensions directory or package folder owned by a different local user is the clearest sign: a user who pre-creates a path in the sticky shared /tmp cannot transfer its ownership to the victim.
  • Check running Pi processes and their loaded extensions to see if any extensions are loaded from the shared temporary directory.

Mitigation Strategies

The primary mitigation is to upgrade Pi to version 0.78.1 or later, where the vulnerability is fixed by moving temporary extension packages to a private per-user directory with restricted permissions.

If upgrading immediately is not possible, avoid using temporary npm or git extension packages on vulnerable Pi versions, especially on multi-user Linux systems where the temporary directory is shared.

  • Upgrade Pi or pi-coding-agent to version 0.78.1 or later.
  • Avoid running Pi with temporary extension packages sourced from npm or git on shared Linux hosts.
  • Restrict write permissions on the Pi extension path in the shared temporary directory (e.g., /tmp/pi-extensions) so that other local users cannot pre-create extension paths there.
  • Consider monitoring and auditing the shared temporary directory for suspicious activity.