Two critical vulnerabilities in Cursor IDE — the AI coding tool used by over half of Fortune 500 companies — can give attackers full remote code execution without any user interaction. Discovered by Cato AI Labs and dubbed "DuneSlide," both flaws carry a 9.8 CVSS score (CVE-2026-50548 and CVE-2026-50549).
The attack works through prompt injection: a victim simply types a normal prompt that accidentally pulls in attacker-controlled content — from a poisoned web search or rogue MCP server. From there, attackers can overwrite core sandbox binaries and compromise both the local machine and connected SaaS workspaces.
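The summary above says the end effect is that core sandbox binaries get overwritten. One defender-side check for that outcome, independent of how the injection arrives, is to baseline the hashes of the files the agent executes and alert when any of them changes outside a known upgrade. The script below is an added example, not code from Cato, Cursor or the DuneSlide writeup; the directory layout and file names it uses are constructed for the demo and are not Cursor's real paths.

```python
"""Minimal file-integrity baseline for an AI coding agent's sandbox binaries.

Added example, not the vendor's or researchers' code. The directory layout
(`bin/sandbox-runner`, `bin/helper`) is an assumption made up for the demo.
"""
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path, chunk: int = 1 << 16) -> str:
    """Stream a file through SHA-256 so large binaries are not read at once."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_baseline(root: Path) -> dict:
    """Map POSIX-style relative path -> sha256 for every regular file under root."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def compare(baseline: dict, current: dict) -> dict:
    """Classify differences between a trusted baseline and a fresh scan."""
    return {
        "modified": sorted(
            k for k in baseline if k in current and baseline[k] != current[k]
        ),
        "added": sorted(k for k in current if k not in baseline),
        "removed": sorted(k for k in baseline if k not in current),
    }


def demo() -> dict:
    """Constructed scenario: baseline a fake sandbox dir, then simulate tampering.

    A real deployment would persist the baseline (signed, outside the agent's
    writable paths) and re-run compare() on a schedule or before each agent run.
    """
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "bin" / "sandbox-runner").write_bytes(b"original runner contents\n")
        (root / "bin" / "helper").write_bytes(b"original helper contents\n")
        baseline = build_baseline(root)

        # Simulated tampering: runner overwritten, an unexpected file dropped,
        # and a known binary deleted. All three should be reported.
        (root / "bin" / "sandbox-runner").write_bytes(b"tampered contents\n")
        (root / "bin" / "dropped").write_bytes(b"unexpected file\n")
        (root / "bin" / "helper").unlink()

        return compare(baseline, build_baseline(root))


if __name__ == "__main__":
    print(demo())
```

The baseline must be stored somewhere the agent (and therefore an injected prompt) cannot write, otherwise an attacker who can overwrite the binaries can also refresh the baseline; a signed manifest shipped with each release, checked against the installed files, is the usual shape of this control.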
Cato says more disclosures are coming across other AI coding agents.
Source: Cybersecurity News