CVE Tools
Back to feed
The Hacker News ·EN News source

Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands

By The Hacker News··4 min read
CVE Tools coverage

AI code editor Cursor has two critical issues, tracked as CVE-2026-50548 and CVE-2026-50549, where prompt injection can bypass Cursor’s command sandbox and execute arbitrary commands on a developer’s machine without any user click or approval. The flaws matter because they allow attackers to neutralize the safety boundary using seemingly normal inputs (such as content read via MCP or web results), potentially leading to full local compromise and access to connected workspaces. Cursor fixed both problems in Cursor 3.0; all versions prior to 3.0 are affected.