1280 matches found
CVE-2026-56307
Cap-go before 12.128.12 contains a broken cursor pagination vulnerability in the /private/devices endpoint on the Cloudflare/workerd path that allows authenticated attackers to cause duplicate-page loops and make later rows unreachable. Attackers with app.read_devices access can exploit...
CVE-2026-56307
Cap-go before 12.128.12 has a broken cursor pagination vulnerability in the /private/devices endpoint of the Cloudflare/workerd path. Authenticated attackers with app.read_devices can exploit non-advancing cursor filters to trigger infinite pagination loops, causing duplicate pages and making lat...
EUVD-2026-38124
Cap-go before 12.128.12 contains a broken cursor pagination vulnerability in the /private/devices endpoint on the Cloudflare/workerd path that allows authenticated attackers to cause duplicate-page loops and make later rows unreachable. Attackers with app.read_devices access can exploit...
CVE-2026-56307 Cap-go - Broken Cursor Pagination in /private/devices Endpoint
Cap-go before 12.128.12 contains a broken cursor pagination vulnerability in the /private/devices endpoint on the Cloudflare/workerd path that allows authenticated attackers to cause duplicate-page loops and make later rows unreachable. Attackers with app.read_devices access can exploit...
Malicious code in @mastra/cursor (npm)
Source: ghsa-malware ac742321cf72f2fa4cb958772f032eeb2a3ac062d31237ef0699b9de6ac0bc41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6013 Malicious code in @mastra/cursor (npm)
Source: ghsa-malware ac742321cf72f2fa4cb958772f032eeb2a3ac062d31237ef0699b9de6ac0bc41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2026-48124
Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run...
CVE-2026-48124 Cursor Desktop sandbox escape via Claude hook configuration
Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run...
EUVD-2026-37002
Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run...
CVE-2026-52722
GStreamer VMnc decoder in gstreamer1-plugins-bad-free contains a signed integer overflow in cursor payload handling. A crafted VMnc stream with large cursor dimensions can cause signed payload-size arithmetic overflow, bypass a length check, and lead to out-of-bounds reads. This may allow a remot...
PT-2026-49469
Name of the Vulnerable Software and Affected Versions: Cursor versions prior to 3.0.0. Description: Cursor Desktop allows the execution of workspace-defined Claude hook commands located in .claude/settings.local.json without requiring explicit user approval. A malicious workspace or a file created b...
GHSA-X4QR-QW6H-WVXQ Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint
Summary: A vulnerability in Fleet's Apple MDM commands listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract sensitive values from joined database tables — including host enrollment secrets and Apple Push Notification Service (APNS) tokens — through a...
PT-2026-49057
Summary: A vulnerability in Fleet's Apple MDM commands listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract sensitive values from joined database tables — including host enrollment secrets and Apple Push Notification Service (APNS) tokens — through a...
VS Code Extension Persistence
This module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested against 1.120....
VS Code Extension Persistence
This Metasploit module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested...
Aggregation sub-pipeline null dereference may allow DoS via crafted getMore
In MongoDB Server 8.0, an aggregation stage can leave its subPipeline field null during processing of certain pipelines. If a getMore is subsequently issued on the same cursor, the server may dereference this null sub-pipeline when reattaching to the operation context, accessing an invalid addres...
PT-2026-47155
Name of the Vulnerable Software and Affected Versions: Cursor (affected versions not specified). Description: A sandbox escape exists in the agent component due to a symlink canonicalization failure combined with a writable working directory. This allows the agent to bypass sandbox restrictions and...
PT-2026-47154
🚨 Critical - Sandbox Escape & RCE in Cursor AI Editor (CVE-2026-50549, CVE-2026-50548). Two critical vulnerabilities have been disclosed in Cursor's AI agent sandbox. Malicious agents can exploit canonicalization failures via symlinks or manipulate the working directory parameter to write arbitrary...
sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL
...
CVE-2026-46227 sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL
In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL. The SCTP_SENDALL path in sctp_sendmsg() iterates ep->asocs with list_for_each_entry_safe(), which caches the next entry in @tmp before the loop body runs. The body calls...