Live Cybersecurity News Ticker | Codekeeper

Critical RCE Flaws in Cursor IDE Let Attackers Escape Sandbox With Zero Clicks

Written by Content Team | Jul 2, 2026 12:22:34 PM

Two critical vulnerabilities in Cursor IDE, the AI coding tool used by over half of Fortune 500 companies, can give attackers full remote code execution without any user interaction. Discovered by Cato AI Labs and dubbed "DuneSlide," the flaws are tracked as CVE-2026-50548 and CVE-2026-50549, and each carries a CVSS score of 9.8.

The attack works through prompt injection: a victim simply types a normal prompt that inadvertently pulls in attacker-controlled content from a poisoned web search or a rogue MCP server. From there, attackers can overwrite core sandbox binaries and compromise both the local machine and connected SaaS workspaces.

Cato says more disclosures are coming across other AI coding agents.

Source: Cybersecurity News