# Critical Cursor AI IDE Flaws Could Lead to OS-Level Remote Code Execution

_Sunday, July 12, 2026 at 8:00 AM EDT · Products · Latest · Tier 2 — Notable_

![Critical Cursor AI IDE Flaws Could Lead to OS-Level Remote Code Execution — Primary](https://www.securityweek.com/wp-content/uploads/2025/11/NPM-code-software-development.jpeg)

Two critical vulnerabilities in the Cursor AI code editor could allow remote code execution on the underlying operating system, Cato Networks reported. The flaws, tracked as CVE-2026-50548 and CVE-2026-50549 with a CVSS score of 9.8, are collectively referred to as DuneSlide because they enable remote code execution outside the IDE's sandbox, Cato said. The first vulnerability abuses Cursor's automatic terminal command execution, which does not prompt the user for approval. A non-default value assigned to the working_directory parameter adds the path to an allow list, allowing an attacker to overwrite the cursorsandbox executable and run future commands without sandbox restrictions, according to Cato. The second, independent flaw affects file path resolution edge cases and can be exploited via symbolic links to bypass out-of-bounds write protections. A flaw in the agent's path canonicalization logic results in Cursor falling back to the original symlink path, allowing an attacker to link to the cursorsandbox executable again, Cato explained. Cato reported the flaws to Cursor in February. Patches for both were included in Cursor 3.0, released on April 2, while the CVE IDs were assigned in early June.

## Sources

- [SecurityWeek](https://www.securityweek.com/critical-cursor-ai-ide-flaws-could-lead-to-os-level-remote-code-execution/)

---
Canonical: https://techandbusiness.org/newswire/1zexheHxKDYI99qGZxPwUl
Retrieved: 2026-07-12T20:52:26.377Z
Publisher: Tech & Business (techandbusiness.org)
