Two significant remote code execution (RCE) vulnerabilities in the widely used Cursor ID expose developers to zero-click attacks driven by prompt injection. These vulnerabilities, tracked as CVE-2026-50548 and CVE-2026-50549, collectively known as “DuneSlide,” carry a CVSS score of 9.8. They demonstrate how development environments powered by large language models (LLMs) can unintentionally increase the attack […]
The post Critical Cursor IDE Flaws Let Attackers Execute Code via Zero-Click Prompt Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: