CVE-2026-50549 – Cursor

CVSS 9.8 CRITICAL Critical or Zero Day – Immediate Deployment

“A sandbox loses its value the moment an attacker can write outside its walls.”

Cursor addressed two Critical vulnerabilities affecting versions prior to 3.0. Both issues allow a malicious AI agent to bypass workspace isolation and write arbitrary files outside the intended workspace using the privileges of the logged-in user. By escaping the intended sandbox boundaries, an attacker could modify sensitive files and ultimately enable execution of commands outside the sandbox.

CVE-2026-50548 has a CVSS score of 9.3, which is Critical severity. CVE-2026-50549 has a CVSS score of 9.3, which is Critical severity. The first vulnerability abuses manipulation of the agent's working directory, while the second exploits a symlink and path canonicalization bypass to write outside the workspace without approval. Verified exploitation has not been reported. Upgrading to Cursor 3.0 remediates both vulnerabilities.

Key Details

Affected Product
Anysphere Cursor
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
CWE Classification
CWE-59
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.