Ghostwire

CVE-2026-54325: Pi Agent: Pi loads project-local extensions without approval

MEDIUM CVSS 4.4 Exploit Available

Published: June 17, 2026 | Last Modified: June 17, 2026

Description

Pi Agent: Pi loads project-local extensions without approval

Ghostwire Analysis — What This Means Practically

Medium CVSS score indicates moderate risk — exploitation requires specific conditions or results in limited impact.
Exploit code is reported to be available, increasing the likelihood of active exploitation.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References

github.com/earendil-works/pi/security/advisories/GHSA-mqxh-6gq7-558m
github.com/earendil-works/pi/commit/38f18be44727e669eb0a6e2eb8edb51b0232d83c
github.com/earendil-works/pi/commit/718215bd95b6fc6fa251580d27ea8aab857de390
github.com/earendil-works/pi/commit/89a92207f1c9303d53d822fd9b0ac21578834cb4
github.com/earendil-works/pi/commit/ce3a72444e1cc1eaa50475fb3378c7ffbb53ef49
github.com/earendil-works/pi/commit/ff3e9df5f5b32368c20b0ef553a6834b3dee9350
github.com/earendil-works/pi/releases/tag/v0.79.0
github.com/advisories/GHSA-mqxh-6gq7-558m
www.tenable.com/cve/CVE-2026-54325
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2026-54325