Critical RCE Flaws in Cursor IDE Let Attackers Escape Sandbox With Zero Clicks

Critical vulnerabilities in Cursor IDE allow remote code execution without user interaction, threatening Fortune 500 companies.
Content Team

Two critical vulnerabilities in Cursor IDE, the AI coding tool used by over half of Fortune 500 companies, can give attackers full remote code execution without any user interaction. Discovered by Cato AI Labs and dubbed "DuneSlide," the two flaws (CVE-2026-50548 and CVE-2026-50549) both carry a 9.8 CVSS score.

The attack works through prompt injection: a victim simply types a normal prompt that accidentally pulls in attacker-controlled content from a poisoned web search or a rogue MCP server. From there, attackers can overwrite core sandbox binaries and compromise both the local machine and connected SaaS workspaces.

Cato says more disclosures are coming across other AI coding agents.

Source: Cybersecurity News
