CVE-2026-54326
Pi Agent: Potential XSS in HTML session exports via Markdown URL sanitization bypass
描述
# Potential XSS in HTML session exports via Markdown URL handling Pi HTML exports render session Markdown into a static HTML file. Affected versions did not consistently reject unsafe Markdown link and image URL schemes. In versions with scheme filtering, C0 control characters in the URL scheme could bypass the check because browsers normalize those characters before navigation. ## Impact The realistic attack path is indirect. An attacker would need to get suitable Markdown into a session, for example through prompt injection that causes the model to include an unsafe link, or through other untrusted session content. The user would then need to export the session as HTML, open or share that file, and click the link. If triggered, script runs in the exported document, not in pi or the user's shell. The main risk is limited disclosure of data embedded in that exported session file. ## Affected versions - Affected: `@mariozechner/pi-coding-agent >= 0.27.5, <= 0.73.1` - Affected: `@earendil-works/pi-coding-agent >= 0.74.0, < 0.78.1` - Patched: `@earendil-works/pi-coding-agent 0.78.1` The old `@mariozechner/pi-coding-agent` package scope has no patched release. It was renamed to `@earendil-works/pi-coding-agent`; users of the old scope should migrate to the new package and upgrade to version 0.78.1 or later. ## Resolution Version 0.78.1 sanitizes Markdown link and image URLs with an allow-list after stripping C0 control characters. ## Recommendations Upgrade `@earendil-works/pi-coding-agent` to version 0.78.1 or later. Regenerate shared HTML exports after upgrading if the underlying sessions contained untrusted content. ## Timeline - 2026-05-29: Report received through GitHub Security Advisories - 2026-06-02: Fix committed - 2026-06-04: Fixed version 0.78.1 released - 2026-06-08: Advisory prepared for publication ## Credits Reported by Paul Urian and Cosmin Alexa of CrowdStrike.
如何修補 CVE-2026-54326
要修補 CVE-2026-54326,請將受影響套件升級到下列已修補版本。
- —升級至 0.78.1 或更新版本
- —未列出修補版本
CVE-2026-54326 正在被利用嗎?
目前沒有被利用訊號。CVE-2026-54326 既不在 CISA KEV 也沒有最新的 EPSS 分數。