{"data":{"id":"a8eda14c-ee00-487e-b55b-76535495cd0c","title":"CVE-2026-50549: Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by","summary":"Cursor, a code editor that uses AI to help with programming, had a security flaw in versions before 3.0 where its sandbox protection (a restricted environment that limits what programs can do) could be bypassed. An AI agent could create a symlink (a shortcut that points to a different location) inside the workspace to trick the editor into writing files outside the workspace without user approval, potentially allowing an attacker to run code with full system access.","solution":"This vulnerability is fixed in version 3.0.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-50549","publishedAt":"2026-06-25T19:16:39.793Z","cveId":"CVE-2026-50549","cweIds":["CWE-59"],"cvssScore":null,"cvssSeverity":null,"severity":"critical","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Cursor"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-06-25T19:16:39.793Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":["AML.T0010"]}}