DuneSlide: Cursor IDE Gets Two CVSS 9.8 RCE Flaws via Prompt Injection
Two critical Cursor IDE flaws (CVE-2026-50548, CVE-2026-50549) let prompt injection escape the sandbox and run arbitrary commands. Upgrade to Cursor 3.0 now.
Tools, open source, and developer productivity