Ghostwire

CVE-2026-54328: Pi Agent: Predictable temporary extension install paths allow local privilege escalation on shared Linux hosts

HIGH CVSS 7.3 Exploit Available

Published: June 17, 2026 | Last Modified: June 17, 2026

Description

Pi Agent: Predictable temporary extension install paths allow local privilege escalation on shared Linux hosts

Ghostwire Analysis — What This Means Practically

High CVSS score indicates significant risk — exploitation could lead to substantial data exposure or system compromise.
Exploit code is reported to be available, increasing the likelihood of active exploitation.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References

github.com/earendil-works/pi/security/advisories/GHSA-jfgx-wxx8-mp94
github.com/earendil-works/pi/pull/5345
github.com/earendil-works/pi/commit/a98e087e5d08ea2a536bf73dbb0aebb87c3ef72e
github.com/earendil-works/pi/commit/ea3465a8e371a12d0167a06b60f93878e3a3df44
github.com/earendil-works/pi/releases/tag/v0.78.1
github.com/advisories/GHSA-jfgx-wxx8-mp94
www.tenable.com/cve/CVE-2026-54328
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2026-54328