Code Execution Flaw in Cursor Code Editor by Cursor Technologies
CVE-2026-50548

9.3 CRITICAL

Key Information:

Vendor: Cursor

Status
Vendor
CVE Published: 25 June 2026

What is CVE-2026-50548?

The Cursor Code Editor runs agent terminal commands in a sandbox environment. Prior to version 3.0, the sandbox configuration allowed an agent to modify the working_directory parameter. A malicious agent could therefore write files to unintended locations, bypassing the sandbox's restrictions. By redirecting working_directory to sensitive areas, an attacker could potentially execute arbitrary code without user consent, compromising system integrity. The issue has been resolved in version 3.0.
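A containment check for this class of bug, as an added example (not Cursor's code; the function name, workspace layout and sample paths are assumptions made for illustration): the agent-supplied working_directory is canonicalised and rejected unless it stays inside the workspace root, including when it is reached through `..` or a symlink.

```python
import os
import tempfile
from pathlib import Path


class WorkingDirectoryRejected(ValueError):
    """Raised when a requested working directory leaves the workspace."""


def resolve_working_directory(workspace_root, requested):
    """Hypothetical helper: validate an agent-supplied working_directory."""
    root = Path(workspace_root).resolve(strict=True)
    candidate = Path(requested)
    # Relative requests are anchored at the workspace, never the host cwd.
    if not candidate.is_absolute():
        candidate = root / candidate
    # resolve() collapses ".." and follows symlinks, so a link inside the
    # workspace that points outside it is caught by the containment test.
    resolved = candidate.resolve(strict=False)
    if resolved != root and root not in resolved.parents:
        raise WorkingDirectoryRejected(f"{requested!r} escapes {root}")
    if not resolved.is_dir():
        raise WorkingDirectoryRejected(f"{requested!r} is not a directory")
    return resolved


def demo():
    """Check constructed requests; returns {label: allowed}."""
    with tempfile.TemporaryDirectory() as tmp:
        workspace, outside = Path(tmp) / "project", Path(tmp) / "home_config"
        (workspace / "src").mkdir(parents=True)
        outside.mkdir()
        os.symlink(outside, workspace / "link")  # link leaving the workspace
        cases = {  # constructed sample requests
            "subdir": "src", "root": ".", "missing": "no_such_dir",
            "dotdot": "../home_config", "nested_dotdot": "src/../..",
            "absolute": str(outside), "symlink": "link",
        }
        results = {}
        for label, request in cases.items():
            try:
                resolve_working_directory(workspace, request)
                results[label] = True
            except WorkingDirectoryRejected:
                results[label] = False
        return results


if __name__ == "__main__":
    for label, allowed in demo().items():
        print(f"{label:14} {'allow' if allowed else 'reject'}")
```

A path check like this is only one layer: the directory can change between the check and the command's execution, so the boundary also has to be enforced by the sandbox at the OS level.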

Affected Version(s)

cursor < 3.0

CVSS V4

Score: 9.3
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved