Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/25 6:47 p.m.23 views

CVE-2026-50548 Cursor Desktop sandbox escape via agent-controlled working directory

Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default, and the sandbox grants write access to the command's working directory. A flaw was identified in how the agent could modify the workingdirectory parameter, which could...

9.3CVSS0.00637EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 6:47 p.m.83 views

CVE-2026-50548

Technical details about CVE-2026-50548 are not publicly available in the provided documents. Monitor for updates to obtain affected products, root cause specifics, impact, and remediation.

9.8CVSS6.2AI score0.00637EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/15 9:17 p.m.7 views

CVE-2026-48124

Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run...

8.5CVSS0.00144EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 7:56 p.m.29 views

CVE-2026-48124 Cursor Desktop sandbox escape via Claude hook configuration

Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run...

8.5CVSS0.00144EPSS
Exploits0References1
Rows per page
Query Builder