Critical RCE Vulnerabilities Discovered in Cursor IDE: DuneSlide
Article Content
Cato AI Labs disclosed two critical remote code execution (RCE) vulnerabilities, CVE-2026-50548 and CVE-2026-50549, in Cursor IDE, an AI-powered development environment widely used by Fortune 500 companies. These vulnerabilities, collectively named DuneSlide, allow attackers to exploit zero-click prompt injection to execute arbitrary code without user interaction. The flaws enable the agent to ingest untrusted content from sources like MCP servers or web results, leading to sandbox escape and unsandboxed remote code execution. Both vulnerabilities carry a CVSS severity score of 9.8 and were published on June 25, 2026. The attack vector emphasizes the importance of input validation and sandbox security. Organizations using Cursor IDE are advised to monitor for potential exploitation and apply necessary mitigations.
Key Points:
• Two critical RCE vulnerabilities in Cursor IDE, CVE-2026-50548 and CVE-2026-50549, were disclosed.
• The vulnerabilities allow zero-click prompt injection leading to remote code execution without user action.
• Cursor IDE is used by over half of Fortune 500 companies, increasing the potential impact of these vulnerabilities.