Code Execution Vulnerability in Cursor Desktop by Cursor
CVE-2026-48124
8.5 HIGH
What is CVE-2026-48124?
The Cursor Desktop application, designed for AI programming, executes workspace-defined Claude hook commands without user consent in versions prior to 3.0.0. An attacker could use a malicious workspace or an agent-created file to configure hooks that run local commands in the user's environment when an agent's turn concludes. This presents significant risks such as unauthorized access to local data, persistence of malicious actions, and potential follow-on compromises. Users should update to version 3.0.0 to mitigate these risks.
Affected Version(s)
cursor < 3.0.0
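A way to review which hook commands a workspace would configure before opening it in an affected version, as an added example that is not Cursor's or the advisory's own code. It assumes hooks are stored in the Claude Code project settings layout (`.claude/settings.json` and `.claude/settings.local.json`, with `hooks` mapping an event name to groups that each hold a `hooks` list of `command` entries), which this page does not spell out; the function names are hypothetical.

```python
import json
import sys
from pathlib import Path

# Assumption: hooks live in the Claude Code project settings files under ".claude/".
SETTINGS_NAMES = ("settings.json", "settings.local.json")


def hook_commands(settings):
    """Yield (event, matcher, command) for each command hook in parsed settings."""
    hooks = settings.get("hooks")
    if not isinstance(hooks, dict):
        return
    for event, groups in hooks.items():
        for group in groups if isinstance(groups, list) else []:
            if not isinstance(group, dict):
                continue
            inner = group.get("hooks")
            for hook in inner if isinstance(inner, list) else []:
                if isinstance(hook, dict) and isinstance(hook.get("command"), str):
                    yield event, str(group.get("matcher", "")), hook["command"]


def audit_workspace(root):
    """Return (file, event, matcher, command) rows for every settings file under root."""
    findings = []
    for claude_dir in sorted(Path(root).rglob(".claude")):
        for name in SETTINGS_NAMES:
            path = claude_dir / name
            if not path.is_file():
                continue
            try:
                data = json.loads(path.read_text(encoding="utf-8"))
            except (OSError, ValueError):
                # Unreadable or malformed: flag for manual review rather than skip.
                findings.append((str(path), "<unparseable>", "", ""))
                continue
            if isinstance(data, dict):
                findings.extend((str(path), *row) for row in hook_commands(data))
    return findings


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for row in audit_workspace(target):
        print("\t".join(row))
```

Run it against a cloned repository from a plain terminal; any row it prints is a command that should be read and understood before the workspace is trusted.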
