CVE ID :CVE-2026-50549 Published : June 25, 2026, 6:47 p.m. | 4 hours, 23 minutes ago Description :Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default. Before a Write, the agent canonicalizes the target path to...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-50549 - Cursor Desktop sandbox escape via symlink and failed path canonicalization

VERWANDTEARTIKEL

CVE-2025-71340 - picklescan - Remote Code Execution via idlelib.pyshell.ModifiedInterpreter.runcode

CVE-2025-71338 - Flowise - Arbitrary File Write to Remote Code Execution via document-store API

CVE-2025-71335 - Flowise - Session Invalidation Failure After Password Change

CVE-2025-71336 - Flowise - Unsandboxed Remote Code Execution via Custom MCP

CVE-2025-71334 - Flowise - Arbitrary File Access via Missing Chat Flow ID Validation

CVE-2025-71328 - Flowise - Unverified Password Change via Account Settings