ThreatCluster

Critical RCE Vulnerabilities Discovered in Cursor IDE: DuneSlide

First seen 1 Jul 2026, 20:16 UTC. Sources: Cybersecuritynews, Reddit.

Article Content


Cato AI Labs disclosed two critical remote code execution (RCE) vulnerabilities, CVE-2026-50548 and CVE-2026-50549, in Cursor IDE, an AI-powered development environment widely used by Fortune 500 companies. The vulnerabilities, collectively named DuneSlide, allow attackers to use zero-click prompt injection to execute arbitrary code without user interaction. The flaws involve the agent ingesting untrusted content from sources like MCP servers or web results, leading to sandbox escape and unsandboxed remote code execution. Both vulnerabilities carry a CVSS severity score of 9.8 and were published on June 25, 2026. The attack vector underscores the importance of input validation and sandbox security. Organizations using Cursor IDE are advised to monitor for potential exploitation and apply necessary mitigations.

Key Points:

• Two critical RCE vulnerabilities in Cursor IDE, CVE-2026-50548 and CVE-2026-50549, were disclosed.
• The vulnerabilities allow zero-click prompt injection leading to remote code execution without user action.
• Cursor IDE is used by over half of Fortune 500 companies, increasing the potential impact of these vulnerabilities.

ThreatCluster AI

Timeline

2026-06-25
CVE-2026-50548 and CVE-2026-50549 published
Cato AI Labs published two critical RCE vulnerabilities in Cursor IDE, both rated 9.8 CVSS.
Cybersecuritynews
2026-07-01
DuneSlide vulnerabilities disclosed
Cato AI Labs disclosed the DuneSlide vulnerabilities, highlighting zero-click prompt injection risks in Cursor IDE.
Reddit
