CRITICALAi
Global

Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands

·Source: The Hacker News

Updated:

Executive Summary

Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There is no click to fall for and no approval box to ignore. Cato AI Labs found the pair and named them DuneSlide. They are tracked as CVE-2026-50548 and CVE-2026-50549, both rated 9.8 out of 10 (or 9.3

Analysis

Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There is no click to fall for and no approval box to ignore. Cato AI Labs found the pair and named them DuneSlide. They are tracked as CVE-2026-50548 and CVE-2026-50549, both rated 9.8 out of 10 (or 9.3

Indicators of Compromise (2)

CVE (2)
CVE-2026-50548
CVE-2026-50549
Source Attribution

Originally published by The Hacker News on Jul 1, 2026.

Related Threats