CVE-2026-31246

MEDIUM

GPT-Pilot thru 0819827 - Command Injection

Title source: llm

Description

GPT-Pilot thru commit 0819827ce20346ef5f25b3fe29293cb448840565 (2025-09-03) contains a command injection vulnerability (CWE-78) in the Executor.run() method. During project execution, when the system prompts the user to confirm or modify a command to be run, it accepts free-text input without proper validation. The user-supplied input is directly passed to asyncio.create_subprocess_shell() for execution. This allows an attacker to replace the intended command with arbitrary shell commands, leading to remote code execution with the privileges of the GPT-Pilot process.

References (2)

Core 2

Core References

https://github.com/Pythagora-io/gpt-pilot

https://www.notion.so/CVE-2026-31246-35d1e1393188812ea3c6c88ad28d3d57

Scores

CVSS v3 6.5

EPSS 0.0070

EPSS Percentile 48.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-78

Status published

Products (1)

pypi/gpt-pilot 0 - 0.0.10PyPI

Published May 11, 2026

Tracked Since May 11, 2026