4 matches found
EUVD-2026-2678
Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...
CVE-2026-22708
CVE-2026-22708 affects Cursor (AI-enhanced code editor). Prior to version 2.3, when the Cursor Agent runs in Auto-Run mode with Allowlist enabled, certain shell built-ins can be executed without appearing in the allowlist or requiring user approval. This enables an attacker to perform indirect or...
CVE-2026-22708 Cursor has a Terminal Tool Allowlist Bypass via Environment Variables
Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...
CVE-2026-22708 Cursor has a Terminal Tool Allowlist Bypass via Environment Variables
Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...