CVE-2026-50548

CVSS 9.8 CRITICAL · EPSS 43% · CWE-22 · OTX 6 pulses

Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default, and the sandbox grants write access to the command's working directory. A flaw was identified in how the agent could modify the working_directory parameter, which could cause the sandbox to include writable paths outside the intended workspace. A malicious agent could set working_directory to a sensitive location and write arbitrary files outside the workspace under the user's privileges. This enables non-sandboxed Remote Code Execution — for example by overwritin...

Published 2026-06-25 · last modified 2026-06-26

details

CISA KEV status: Not in catalog
CVSS v3: 9.8 / CRITICAL
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 43% percentile (score 0.0058)
CWE: CWE-22
OTX pulses: 6 total, 0 recent

source mentions 3

source consensus

  • Bluesky
  • The Hacker News