1:"$Sreact.fragment"
c:I[57150,[],""]
:HL["/_next/static/media/26d0ba92e140f0dc-s.p.woff2","font",{"crossOrigin":"","type":"font/woff2"}]
:HL["/_next/static/media/49eec060ce8bd0da-s.p.woff2","font",{"crossOrigin":"","type":"font/woff2"}]
:HL["/_next/static/media/4b9bb515ce6d026f-s.p.woff2","font",{"crossOrigin":"","type":"font/woff2"}]
:HL["/_next/static/media/558ca1a6aa3cb55e-s.p.woff2","font",{"crossOrigin":"","type":"font/woff2"}]
:HL["/_next/static/media/5611c55482296524-s.p.woff2","font",{"crossOrigin":"","type":"font/woff2"}]
:HL["/_next/static/media/93f479601ee12b01-s.p.woff2","font",{"crossOrigin":"","type":"font/woff2"}]
:HL["/_next/static/media/e4af272ccee01ff0-s.p.woff2","font",{"crossOrigin":"","type":"font/woff2"}]
:HL["/_next/static/media/fa3e259cafa8f47e-s.p.woff2","font",{"crossOrigin":"","type":"font/woff2"}]
:HL["/_next/static/css/ace6d38470ae6967.css?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","style"]
:HL["/_next/static/css/a0ef03fe04f76aa4.css?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","style"]
2:Ta3d,
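              // Consent-default bootstrap: works out the visitor's consent state and pushes
              // it to dataLayer as the Consent Mode default. Inputs, in priority order:
              //   1. Global Privacy Control signal -> analytics and ads both stay 'denied'
              //   2. stored choice in localStorage (lds_consent_v3, else legacy lds_consent_v2)
              //   3. lds_regime cookie ('optin' when absent; 'optout' grants analytics only)
              // Declarations stay `var` at script scope so the globals this inline script
              // exposes are unchanged.
              window.dataLayer = window.dataLayer || [];
              // Pushes the Arguments object itself, as the stock gtag snippet does.
              function gtag(){dataLayer.push(arguments);}

              // Only an explicit `true` counts as a GPC signal; any failure leaves it false.
              var ldsGpc = false;
              try {
                ldsGpc = typeof navigator !== 'undefined' && navigator.globalPrivacyControl === true;
              } catch (e) { /* best effort: treat as no GPC signal */ }

              // The v3 and v2 records are read in separate try blocks. With a single
              // block, an unparseable v3 value threw past the v2 fallback, so a stored
              // v2 'essential' (deny) choice was dropped and an 'optout' regime would
              // then grant analytics. A v3 value with the wrong shape already fell back
              // to v2; an unparseable one now does the same.
              var ldsStored = null;
              try {
                var rawV3 = window.localStorage && window.localStorage.getItem('lds_consent_v3');
                if (rawV3) {
                  var p3 = JSON.parse(rawV3);
                  // Accept the record only if the version and both flags have the expected types.
                  if (p3 && p3.v === 3 && typeof p3.analytics === 'boolean' && typeof p3.ads === 'boolean') {
                    ldsStored = { analytics: p3.analytics, ads: p3.ads };
                  }
                }
              } catch (e) { /* storage blocked or value unparseable: fall through to v2 */ }
              if (!ldsStored) {
                try {
                  var rawV2 = window.localStorage && window.localStorage.getItem('lds_consent_v2');
                  if (rawV2) {
                    var p2 = JSON.parse(rawV2);
                    if (p2 && p2.version === 2) {
                      // A v2 record never grants ads: 'all' and 'analytics' both map to
                      // analytics-only, 'essential' to nothing. Other values are ignored.
                      if (p2.choice === 'all' || p2.choice === 'analytics') {
                        ldsStored = { analytics: true, ads: false };
                      } else if (p2.choice === 'essential') {
                        ldsStored = { analytics: false, ads: false };
                      }
                    }
                  }
                } catch (e) { /* storage blocked or value unparseable: no stored choice */ }
              }

              // Regime defaults to 'optin' unless the cookie holds exactly 'optin' or 'optout'.
              // NOTE(review): the cookie is read through document.cookie, so page script can
              // also write it; where it is set is not visible here. Treat it as a hint, and
              // confirm nothing untrusted on the origin can flip it to 'optout'.
              var ldsRegime = 'optin';
              try {
                var regimeMatch = document.cookie.match(/(?:^|;\s*)lds_regime=(optin|optout)(?:;|$)/);
                if (regimeMatch) { ldsRegime = regimeMatch[1]; }
              } catch (e) { /* cookie access blocked: keep 'optin' */ }

              // Start from 'denied' and grant only on an explicit signal.
              var ldsAnalyticsStorage = 'denied';
              var ldsAdStorage = 'denied';
              if (!ldsGpc) {
                if (ldsStored) {
                  if (ldsStored.analytics) { ldsAnalyticsStorage = 'granted'; }
                  if (ldsStored.ads) { ldsAdStorage = 'granted'; }
                } else if (ldsRegime === 'optout') {
                  // No stored choice under opt-out: analytics on, ads still denied.
                  ldsAnalyticsStorage = 'granted';
                }
              }
              gtag('consent', 'default', {
                'analytics_storage': ldsAnalyticsStorage,
                'ad_storage': ldsAdStorage,
                // The two ad signals below follow ad_storage.
                'ad_user_data': ldsAdStorage,
                'ad_personalization': ldsAdStorage,
                'functionality_storage': 'granted',
                'security_storage': 'granted',
                // Milliseconds to wait for a consent 'update' call.
                'wait_for_update': 500
              });
              gtag('set', 'ads_data_redaction', true);
              // NOTE(review): url_passthrough carries ad-click identifiers in URL parameters
              // rather than cookies; confirm this matches the site's privacy policy.
              gtag('set', 'url_passthrough', true);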
            0:{"P":null,"b":"d8pIlWlerer__9fV4Rp72","p":"","c":["","news","researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba"],"i":false,"f":[[["",{"children":["news",{"children":[["slug","researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba","d"],{"children":["__PAGE__",{}]}]}]},"$undefined","$undefined",true],["",["$","$1","c",{"children":[[["$","link","0",{"rel":"stylesheet","href":"/_next/static/css/ace6d38470ae6967.css?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","precedence":"next","crossOrigin":"$undefined","nonce":"$undefined"}],["$","link","1",{"rel":"stylesheet","href":"/_next/static/css/a0ef03fe04f76aa4.css?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","precedence":"next","crossOrigin":"$undefined","nonce":"$undefined"}]],["$","html",null,{"lang":"en","data-scroll-behavior":"smooth","suppressHydrationWarning":true,"children":[["$","head",null,{"children":[["$","link",null,{"rel":"preconnect","href":"https://cdn.sanity.io","crossOrigin":"anonymous"}],["$","link",null,{"rel":"preconnect","href":"https://vbrclococxvgoeqefkzf.supabase.co","crossOrigin":"anonymous"}],"$undefined",["$","link",null,{"rel":"icon","href":"/lds_logo.svg","type":"image/svg+xml"}],["$","link",null,{"rel":"alternate","type":"application/rss+xml","title":"Let's Data Science - AI News Feed","href":"https://letsdatascience.com/feed.xml"}],["$","script",null,{"dangerouslySetInnerHTML":{"__html":"$2"}}],"$L3","$L4","$L5"]}],"$L6"]}]]}],{"children":["news","$L7",{"children":[["slug","researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba","d"],"$L8",{"children":["__PAGE__","$L9",{},null,false]},null,false]},["$La",[],[]],false]},null,false],"$Lb",false]],"m":"$undefined","G":["$c",[]],"s":false,"S":true}
f:I[68332,["52619","static/chunks/52619-c48a18d6f62d2371.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","83126","static/chunks/83126-b58b5198e9df8aa5.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","81029","static/chunks/81029-74d9b38ffea59a85.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","81386","static/chunks/81386-8e95ff73e68d61cf.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","81356","static/chunks/81356-09d88f8fa447e337.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","54230","static/chunks/54230-f8c9ecafa335b403.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","45574","static/chunks/45574-8d1950da7ebb9809.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","44099","static/chunks/44099-53ff46634eb2c3a3.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","7177","static/chunks/app/layout-c40ffa4af31c9c8d.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM"],"GoogleAnalytics"]
10:I[65350,["52619","static/chunks/52619-c48a18d6f62d2371.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","83126","static/chunks/83126-b58b5198e9df8aa5.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","81029","static/chunks/81029-74d9b38ffea59a85.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","81386","static/chunks/81386-8e95ff73e68d61cf.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","81356","static/chunks/81356-09d88f8fa447e337.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","54230","static/chunks/54230-f8c9ecafa335b403.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","45574","static/chunks/45574-8d1950da7ebb9809.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","44099","static/chunks/44099-53ff46634eb2c3a3.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","7177","static/chunks/app/layout-c40ffa4af31c9c8d.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM"],"default"]
11:I[9766,[],""]
12:I[50960,["52619","static/chunks/52619-c48a18d6f62d2371.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","18039","static/chunks/app/error-85e6773a2f78a436.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM"],"default"]
13:I[98924,[],""]
14:I[52619,["52619","static/chunks/52619-c48a18d6f62d2371.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","54230","static/chunks/54230-f8c9ecafa335b403.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","32699","static/chunks/32699-7bc23d08328b1d69.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","56120","static/chunks/app/news/%5Bslug%5D/page-f27b791d7d7e1478.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM"],""]
15:I[37025,["52619","static/chunks/52619-c48a18d6f62d2371.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","83126","static/chunks/83126-b58b5198e9df8aa5.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","81029","static/chunks/81029-74d9b38ffea59a85.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","81386","static/chunks/81386-8e95ff73e68d61cf.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","81356","static/chunks/81356-09d88f8fa447e337.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","54230","static/chunks/54230-f8c9ecafa335b403.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","45574","static/chunks/45574-8d1950da7ebb9809.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","44099","static/chunks/44099-53ff46634eb2c3a3.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM","7177","static/chunks/app/layout-c40ffa4af31c9c8d.js?dpl=dpl_9cwVaWieXr543oix6As2i3Dw6prM"],"Analytics"]
17:I[24431,[],"OutletBoundary"]
19:I[15278,[],"AsyncMetadataOutlet"]
1b:I[24431,[],"ViewportBoundary"]
1d:I[24431,[],"MetadataBoundary"]
1e:"$Sreact.suspense"
d:T989,{"@context":"https://schema.org","@type":["Organization","NewsMediaOrganization","EducationalOrganization"],"@id":"https://letsdatascience.com#organization","name":"Let's Data Science","url":"https://letsdatascience.com","logo":{"@type":"ImageObject","url":"https://letsdatascience.com/lds_logo.webp","width":1024,"height":1024},"publishingPrinciples":"https://letsdatascience.com/editorial-standards","description":"Interactive data science learning platform with 1,625 SQL and Python coding problems across 15 industry domains. LDS Mentor is a built-in AI with two modes: Learn Mode uses the Socratic method to guide you to the answer, Interview Mode gives direct patterns, code skeletons, and strategies for fast interview prep. Includes free interactive courses, 496 interview recall cards, and AI-curated news. All code execution runs in-browser.","sameAs":["https://www.youtube.com/@letsdatascience","https://twitter.com/letsdatascience","https://linkedin.com/company/letsdatascience","https://github.com/letsdatascience","https://open.spotify.com/show/0x4laIZ3OSlnAlr0R7gXsr","https://music.amazon.com/podcasts/f245918a-83ab-4b40-9730-d6e5446ad66e/let's-data-science-%E2%80%94-ai-news-daily"],"founder":{"@type":"Person","name":"Fanindra Kumar","jobTitle":"Founder","worksFor":{"@type":"Organization","name":"AIDriven Technologies Pvt. Ltd."}},"parentOrganization":{"@type":"Organization","name":"AIDriven Technologies Pvt. 
Ltd."},"foundingDate":"2024","knowsAbout":["Machine Learning","Data Science","Python Programming","SQL","Deep Learning","Statistics","Artificial Intelligence","Data Engineering"],"about":[{"@type":"Thing","name":"SQL","sameAs":"https://en.wikipedia.org/wiki/SQL"},{"@type":"Thing","name":"Python","sameAs":"https://en.wikipedia.org/wiki/Python_(programming_language)"},{"@type":"Thing","name":"Data Science","sameAs":"https://en.wikipedia.org/wiki/Data_science"},{"@type":"Thing","name":"Machine Learning","sameAs":"https://en.wikipedia.org/wiki/Machine_learning"},{"@type":"Thing","name":"Statistics","sameAs":"https://en.wikipedia.org/wiki/Statistics"},{"@type":"Thing","name":"Probability","sameAs":"https://en.wikipedia.org/wiki/Probability"}],"teaches":["SQL querying and optimization","Python for data analysis","Machine learning fundamentals","Statistics and probability","Data science interview preparation","AI-guided Socratic problem solving for SQL","AI-guided Socratic problem solving for Python"]}3:["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"$d"}}]
4:["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"WebSite\",\"name\":\"Let's Data Science\",\"url\":\"https://letsdatascience.com\",\"description\":\"Interactive data science learning platform with 1,625 SQL and Python coding problems, free courses, 496 interview recall cards, and AI-curated news. All code runs in-browser — no installation required.\",\"inLanguage\":\"en\",\"publisher\":{\"@type\":\"Organization\",\"name\":\"Let's Data Science\",\"url\":\"https://letsdatascience.com\"},\"potentialAction\":{\"@type\":\"SearchAction\",\"target\":\"https://letsdatascience.com/blog?q={search_term_string}\",\"query-input\":\"required name=search_term_string\"},\"about\":[{\"@type\":\"Thing\",\"name\":\"Data Science\",\"sameAs\":\"https://en.wikipedia.org/wiki/Data_science\"},{\"@type\":\"Thing\",\"name\":\"SQL\",\"sameAs\":\"https://en.wikipedia.org/wiki/SQL\"},{\"@type\":\"Thing\",\"name\":\"Python\",\"sameAs\":\"https://en.wikipedia.org/wiki/Python_(programming_language)\"}]}"}}]
e:T7b7,{"@context":"https://schema.org","@type":"SoftwareApplication","name":"LDS Mentor","applicationCategory":"EducationalApplication","operatingSystem":"Web","url":"https://letsdatascience.com/problems","description":"LDS Mentor is an AI-powered coding mentor built into every SQL and Python problem on Let's Data Science. It uses a Socratic teaching method — asking guiding questions and giving targeted hints rather than giving away answers — helping learners genuinely understand data science concepts. Available to Pro subscribers on 1,625 premium problems across 15 real-world industry datasets.","featureList":["Socratic AI hints for every SQL and Python coding problem","Turn-aware context — mentor tracks your attempt history and escalates guidance","Error analysis — identifies bugs in your code and explains root causes","Concept clarification on demand without spoiling the solution","Available on 1,625 SQL and Python data science problems","Covers 15 industry domains: adtech, banking, fintech, healthcare, logistics, and more"],"provider":{"@type":"Organization","name":"Let's Data Science","url":"https://letsdatascience.com"},"offers":{"@type":"Offer","price":"0","priceCurrency":"USD","availability":"https://schema.org/InStock","category":"Subscription","description":"Free tier with 250+ problems. 
Pro subscription unlocks 1,625 problems and LDS Mentor AI.","url":"https://letsdatascience.com/pricing"},"audience":{"@type":"Audience","audienceType":"Data scientists, data analysts, SQL developers, Python programmers, data science job seekers"},"about":[{"@type":"Thing","name":"Artificial Intelligence","sameAs":"https://en.wikipedia.org/wiki/Artificial_intelligence"},{"@type":"Thing","name":"SQL","sameAs":"https://en.wikipedia.org/wiki/SQL"},{"@type":"Thing","name":"Python","sameAs":"https://en.wikipedia.org/wiki/Python_(programming_language)"},{"@type":"Thing","name":"Socratic method","sameAs":"https://en.wikipedia.org/wiki/Socratic_method"}]}5:["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"$e"}}]
6:["$","body",null,{"className":"__variable_f367f3 __variable_fb7d4f __variable_9a8899 __variable_d501d1 __variable_be5b54 __variable_6d24ac __className_f367f3","children":[["$","$Lf",null,{"gaId":"G-B8ZP2M7077"}],["$","$L10",null,{"initialUser":null,"children":["$","$L11",null,{"parallelRouterKey":"children","error":"$12","errorStyles":[],"errorScripts":[],"template":["$","$L13",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":[["$","main",null,{"className":"flex-1 flex items-center justify-center px-4","children":["$","div",null,{"className":"text-center max-w-md","children":[["$","p",null,{"className":"text-8xl font-bold text-neutral-200 select-none","children":"404"}],["$","h1",null,{"className":"mt-4 text-2xl font-semibold text-neutral-900","children":"Page not found"}],["$","p",null,{"className":"mt-2 text-neutral-500","children":"The page you're looking for doesn't exist or has been moved."}],["$","div",null,{"className":"mt-8 flex items-center justify-center gap-3","children":[["$","$L14",null,{"href":"/","className":"px-5 py-2.5 rounded-xl bg-neutral-900 text-white text-sm font-medium hover:bg-neutral-800 transition-colors","children":"Go home"}],["$","$L14",null,{"href":"/problems","className":"px-5 py-2.5 rounded-xl border border-neutral-200 text-neutral-700 text-sm font-medium hover:bg-neutral-50 transition-colors","children":"Practice problems"}]]}]]}]}],[]],"forbidden":"$undefined","unauthorized":"$undefined"}]}],["$","$L15",null,{}]]}]
7:["$","$1","c",{"children":[null,["$","$L11",null,{"parallelRouterKey":"children","error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$L13",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","forbidden":"$undefined","unauthorized":"$undefined"}]]}]
8:["$","$1","c",{"children":[null,["$","$L11",null,{"parallelRouterKey":"children","error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$L13",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","forbidden":"$undefined","unauthorized":"$undefined"}]]}]
9:["$","$1","c",{"children":["$L16",null,["$","$L17",null,{"children":["$L18",["$","$L19",null,{"promise":"$@1a"}]]}]]}]
a:["$","div","l",{"className":"min-h-screen bg-[#0a0a0a]","children":[["$","div",null,{"className":"h-16 border-b border-white/10 bg-[#0a0a0a]/80 backdrop-blur-md sticky top-0 z-50"}],["$","main",null,{"className":"max-w-7xl mx-auto px-4 sm:px-6 lg:px-8 py-8 space-y-12","children":[["$","section",null,{"className":"relative rounded-2xl overflow-hidden aspect-[21/9] bg-neutral-900 animate-pulse","children":[["$","div",null,{"className":"absolute inset-0 bg-gradient-to-t from-black/60 to-transparent"}],["$","div",null,{"className":"absolute bottom-0 left-0 p-8 w-full space-y-4","children":[["$","div",null,{"className":"h-4 w-32 bg-white/20 rounded"}],["$","div",null,{"className":"h-10 w-3/4 bg-white/20 rounded"}],["$","div",null,{"className":"h-4 w-1/2 bg-white/20 rounded"}]]}]]}],["$","section",null,{"className":"grid grid-cols-1 lg:grid-cols-3 gap-8","children":[["$","div",null,{"className":"lg:col-span-2 space-y-6","children":[["$","div","1",{"className":"flex gap-4 p-4 rounded-xl bg-neutral-900/50 border border-white/5 animate-pulse","children":[["$","div",null,{"className":"w-1/3 aspect-video bg-neutral-800 rounded-lg"}],["$","div",null,{"className":"flex-1 space-y-3 py-2","children":[["$","div",null,{"className":"h-6 w-3/4 bg-neutral-800 rounded"}],["$","div",null,{"className":"h-4 w-full bg-neutral-800 rounded"}],["$","div",null,{"className":"h-4 w-2/3 bg-neutral-800 rounded"}]]}]]}],["$","div","2",{"className":"flex gap-4 p-4 rounded-xl bg-neutral-900/50 border border-white/5 animate-pulse","children":[["$","div",null,{"className":"w-1/3 aspect-video bg-neutral-800 rounded-lg"}],["$","div",null,{"className":"flex-1 space-y-3 py-2","children":[["$","div",null,{"className":"h-6 w-3/4 bg-neutral-800 rounded"}],["$","div",null,{"className":"h-4 w-full bg-neutral-800 rounded"}],["$","div",null,{"className":"h-4 w-2/3 bg-neutral-800 rounded"}]]}]]}],["$","div","3",{"className":"flex gap-4 p-4 rounded-xl bg-neutral-900/50 border border-white/5 
animate-pulse","children":[["$","div",null,{"className":"w-1/3 aspect-video bg-neutral-800 rounded-lg"}],["$","div",null,{"className":"flex-1 space-y-3 py-2","children":[["$","div",null,{"className":"h-6 w-3/4 bg-neutral-800 rounded"}],["$","div",null,{"className":"h-4 w-full bg-neutral-800 rounded"}],["$","div",null,{"className":"h-4 w-2/3 bg-neutral-800 rounded"}]]}]]}]]}],["$","div",null,{"className":"space-y-6","children":[["$","div",null,{"className":"h-64 rounded-xl bg-neutral-900/50 border border-white/5 animate-pulse"}],["$","div",null,{"className":"h-64 rounded-xl bg-neutral-900/50 border border-white/5 animate-pulse"}]]}]]}]]}]]}]
b:["$","$1","h",{"children":[null,[["$","$L1b",null,{"children":"$L1c"}],["$","meta",null,{"name":"next-size-adjust","content":""}]],["$","$L1d",null,{"children":["$","div",null,{"hidden":true,"children":["$","$1e",null,{"fallback":null,"children":"$L1f"}]}]}]]}]
1c:[["$","meta","0",{"charSet":"utf-8"}],["$","meta","1",{"name":"viewport","content":"width=device-width, initial-scale=1, maximum-scale=5"}],["$","meta","2",{"name":"theme-color","media":"(prefers-color-scheme: light)","content":"#ffffff"}],["$","meta","3",{"name":"theme-color","media":"(prefers-color-scheme: dark)","content":"#0a0a0a"}]]
18:null
1a:{"metadata":[["$","title","0",{"children":"Researchers Disclose Zero-Click RCE Flaws In Cursor IDE | Let's Data Science"}],["$","meta","1",{"name":"description","content":"On July 1, 2026, Cato AI Labs disclosed DuneSlide, two critical zero-click remote-code-execution flaws (CVE-2026-50548 and CVE-2026-50549, both rated 9.8 under CVSS 3.1) in the Cursor AI code editor, which is used by more than half the Fortune 500. A single prompt-injected instruction hidden in content the AI agent merely reads, such as an MCP connector response or a web search result, could escape Cursor's terminal sandbox and run arbitrary commands on a developer's machine with no click or approval needed. Cato reported the flaws privately on February 19; Cursor initially rejected them, then reopened the reports and fixed both in the Cursor 3.0 release on April 2, with CVE IDs assigned June 5. Every Cursor version before 3.0 remains vulnerable. Cato says it is disclosing similar sandbox-escape flaws in other popular coding agents, arguing the weakness is structural rather than specific to Cursor."}],["$","link","2",{"rel":"author","href":"https://letsdatascience.com"}],["$","meta","3",{"name":"author","content":"Let's Data Science"}],["$","link","4",{"rel":"manifest","href":"/manifest.webmanifest","crossOrigin":"$undefined"}],["$","meta","5",{"name":"keywords","content":"cursor,ai-developer-tools,cybersecurity,prompt-injection,vulnerability,agents"}],["$","meta","6",{"name":"creator","content":"Let's Data Science"}],["$","meta","7",{"name":"publisher","content":"Let's Data Science"}],["$","meta","8",{"name":"robots","content":"index, follow, max-image-preview:large, max-snippet:-1"}],["$","meta","9",{"name":"googlebot","content":"index, follow, max-video-preview:-1, max-image-preview:large, max-snippet:-1"}],["$","meta","10",{"name":"category","content":"education"}],["$","meta","11",{"name":"rights","content":"Images displayed in news articles are hotlinked from third-party publishers and 
credited. See https://letsdatascience.com/copyright for the full takedown policy."}],["$","meta","12",{"name":"rights-standard","content":"https://letsdatascience.com/copyright"}],["$","meta","13",{"name":"copyright","content":"© 2026 Let's Data Science. News images remain the property of their respective publishers."}],["$","link","14",{"rel":"canonical","href":"https://letsdatascience.com/news/researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba"}],["$","meta","15",{"name":"format-detection","content":"telephone=no, address=no, email=no"}],["$","meta","16",{"name":"google-site-verification","content":"bvgzFXkTPJfMTYHfr0vvJhewEB3n4t60T2Su0bZAlqM"}],["$","meta","17",{"name":"yandex-verification","content":"7d81286967b16ea7"}],["$","meta","18",{"property":"og:title","content":"Researchers Disclose Zero-Click RCE Flaws In Cursor IDE"}],["$","meta","19",{"property":"og:description","content":"On July 1, 2026, Cato AI Labs disclosed DuneSlide, two critical zero-click remote-code-execution flaws (CVE-2026-50548 and CVE-2026-50549, both rated 9.8 under CVSS 3.1) in the Cursor AI code editor, which is used by more than half the Fortune 500. A single prompt-injected instruction hidden in content the AI agent merely reads, such as an MCP connector response or a web search result, could escape Cursor's terminal sandbox and run arbitrary commands on a developer's machine with no click or approval needed. Cato reported the flaws privately on February 19; Cursor initially rejected them, then reopened the reports and fixed both in the Cursor 3.0 release on April 2, with CVE IDs assigned June 5. Every Cursor version before 3.0 remains vulnerable. 
Cato says it is disclosing similar sandbox-escape flaws in other popular coding agents, arguing the weakness is structural rather than specific to Cursor."}],"$L20","$L21","$L22","$L23","$L24","$L25","$L26","$L27","$L28","$L29","$L2a","$L2b","$L2c","$L2d","$L2e","$L2f","$L30","$L31","$L32","$L33","$L34","$L35","$L36","$L37","$L38"],"error":null,"digest":"$undefined"}
1f:"$1a:metadata"
39:I[80622,[],"IconMark"]
20:["$","meta","20",{"property":"og:url","content":"https://letsdatascience.com/news/researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba"}]
21:["$","meta","21",{"property":"og:site_name","content":"Let's Data Science"}]
22:["$","meta","22",{"property":"og:locale","content":"en_US"}]
23:["$","meta","23",{"property":"og:image","content":"https://letsdatascience.com/lds_news_fallback_image.webp"}]
24:["$","meta","24",{"property":"og:image:width","content":"1200"}]
25:["$","meta","25",{"property":"og:image:height","content":"630"}]
26:["$","meta","26",{"property":"og:image:alt","content":"Researchers Disclose Zero-Click RCE Flaws In Cursor IDE"}]
27:["$","meta","27",{"property":"og:type","content":"article"}]
28:["$","meta","28",{"property":"article:published_time","content":"2026-07-01T22:14:39+00:00"}]
29:["$","meta","29",{"property":"article:modified_time","content":"2026-07-01T22:14:39+00:00"}]
2a:["$","meta","30",{"property":"article:section","content":"Security & Risk"}]
2b:["$","meta","31",{"property":"article:tag","content":"cursor"}]
2c:["$","meta","32",{"property":"article:tag","content":"ai-developer-tools"}]
2d:["$","meta","33",{"property":"article:tag","content":"cybersecurity"}]
2e:["$","meta","34",{"property":"article:tag","content":"prompt-injection"}]
2f:["$","meta","35",{"property":"article:tag","content":"vulnerability"}]
30:["$","meta","36",{"property":"article:tag","content":"agents"}]
31:["$","meta","37",{"name":"twitter:card","content":"summary_large_image"}]
32:["$","meta","38",{"name":"twitter:creator","content":"@letsdatascience"}]
33:["$","meta","39",{"name":"twitter:title","content":"Researchers Disclose Zero-Click RCE Flaws In Cursor IDE"}]
34:["$","meta","40",{"name":"twitter:description","content":"On July 1, 2026, Cato AI Labs disclosed DuneSlide, two critical zero-click remote-code-execution flaws (CVE-2026-50548 and CVE-2026-50549, both rated 9.8 under CVSS 3.1) in the Cursor AI code editor, which is used by more than half the Fortune 500. A single prompt-injected instruction hidden in content the AI agent merely reads, such as an MCP connector response or a web search result, could escape Cursor's terminal sandbox and run arbitrary commands on a developer's machine with no click or approval needed. Cato reported the flaws privately on February 19; Cursor initially rejected them, then reopened the reports and fixed both in the Cursor 3.0 release on April 2, with CVE IDs assigned June 5. Every Cursor version before 3.0 remains vulnerable. Cato says it is disclosing similar sandbox-escape flaws in other popular coding agents, arguing the weakness is structural rather than specific to Cursor."}]
35:["$","meta","41",{"name":"twitter:image","content":"https://letsdatascience.com/lds_news_fallback_image.webp"}]
36:["$","link","42",{"rel":"icon","href":"/icon.png?468085a3f230b950","type":"image/png","sizes":"1024x1024"}]
37:["$","link","43",{"rel":"apple-touch-icon","href":"/apple-icon.png?468085a3f230b950","type":"image/png","sizes":"1024x1024"}]
38:["$","$L39","44",{}]
3a:Tedb,{"@context":"https://schema.org","@type":"NewsArticle","headline":"Researchers Disclose Zero-Click RCE Flaws In Cursor IDE","description":"Cato AI Labs disclosed **DuneSlide**, two critical zero-click remote-code-execution flaws (CVE-2026-50548 and CVE-2026-50549, both rated **9.8** under CVSS 3.1) in the **Cursor** AI code editor, used by more than half the Fortune 500, on July 1, 2026. A single prompt-injected instruction hidden in content the AI agent merely reads, such as an MCP connector response or a web search result, could escape Cursor's terminal sandbox and run arbitrary commands on a developer's machine with no click or approval needed. Cato reported the flaws privately on February 19; Cursor initially rejected them, then reopened and fixed both in the **Cursor 3.0** release on April 2, with CVE IDs assigned June 5. Every Cursor version before 3.0 remains vulnerable. Cato says it is disclosing similar sandbox-escape flaws in other popular coding agents, arguing the weakness is structural rather than specific to Cursor.","url":"https://letsdatascience.com/news/researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba","image":["https://letsdatascience.com/lds_news_fallback_image.webp"],"thumbnailUrl":"https://letsdatascience.com/lds_news_fallback_image.webp","datePublished":"2026-07-01T22:14:39.000Z","dateModified":"2026-07-01T22:14:39.000Z","author":{"@type":"Organization","@id":"https://letsdatascience.com#organization","name":"Let's Data Science","url":"https://letsdatascience.com","logo":{"@type":"ImageObject","url":"https://letsdatascience.com/lds_logo.webp","width":1024,"height":1024}},"publisher":{"@type":["Organization","NewsMediaOrganization"],"@id":"https://letsdatascience.com#organization","name":"Let's Data 
Science","url":"https://letsdatascience.com","logo":{"@type":"ImageObject","url":"https://letsdatascience.com/lds_logo.webp","width":1024,"height":1024},"publishingPrinciples":"https://letsdatascience.com/editorial-standards","sameAs":["https://www.youtube.com/@letsdatascience","https://twitter.com/letsdatascience","https://linkedin.com/company/letsdatascience","https://github.com/letsdatascience"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://letsdatascience.com/news/researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba"},"articleSection":"Security & Risk","keywords":"cursor, ai-developer-tools, cybersecurity, prompt-injection, vulnerability, agents","about":[{"@type":"Thing","name":"cursor"},{"@type":"Thing","name":"ai developer tools"},{"@type":"Thing","name":"cybersecurity"},{"@type":"Thing","name":"prompt injection"},{"@type":"Thing","name":"vulnerability"},{"@type":"Thing","name":"agents"}],"citation":[{"@type":"CreativeWork","name":"DuneSlide: Two Critical RCE Vulnerabilities via Zero-Click Prompt Injection in Cursor IDE","url":"https://www.catonetworks.com/blog/duneslide-two-critical-rce-vulnerabilities/","publisher":{"@type":"Organization","name":"catonetworks.com"}},{"@type":"CreativeWork","name":"GHSA-3v8f-48vw-3mjx: Cursor symlink canonicalization RCE (CVE-2026-50549)","url":"https://github.com/cursor/cursor/security/advisories/GHSA-3v8f-48vw-3mjx","publisher":{"@type":"Organization","name":"github.com"}},{"@type":"CreativeWork","name":"Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands","url":"https://thehackernews.com/2026/07/critical-cursor-flaws-could-let-prompt.html","publisher":{"@type":"Organization","name":"thehackernews.com"}},{"@type":"CreativeWork","name":"Critical Cursor IDE RCE Vulnerabilities Enable Prompt Injection in 
Zero-Click","url":"https://cybersecuritynews.com/cursor-ide-rce-vulnerabilities/","publisher":{"@type":"Organization","name":"cybersecuritynews.com"}}],"wordCount":795,"isAccessibleForFree":true,"inLanguage":"en"}16:[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"$3a"}}],"$L3b","$L3c","$L3d","$L3e"]
3d:["$","$L3f",null,{"slug":"researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba","title":"Researchers Disclose Zero-Click RCE Flaws In Cursor IDE","type":"news","tags":["cursor","ai-developer-tools","cybersecurity","prompt-injection","vulnerability","agents"]}]
3e:["$","main",null,{"className":"min-h-screen bg-white","children":[["$","nav",null,{"className":"border-b border-neutral-100 bg-white sticky top-0 z-40","children":["$","div",null,{"className":"max-w-4xl mx-auto px-4 sm:px-6 py-3","children":["$","div",null,{"className":"flex items-center gap-1 text-sm","children":[["$","$L14",null,{"href":"/","className":"flex items-center gap-1.5 px-2.5 py-1.5 rounded-lg text-neutral-500 hover:text-neutral-700 hover:bg-neutral-100/80 transition-all duration-200","children":["$","svg",null,{"className":"w-4 h-4","fill":"none","viewBox":"0 0 24 24","stroke":"currentColor","strokeWidth":1.5,"children":["$","path",null,{"strokeLinecap":"round","strokeLinejoin":"round","d":"M2.25 12l8.954-8.955c.44-.439 1.152-.439 1.591 0L21.75 12M4.5 9.75v10.125c0 .621.504 1.125 1.125 1.125H9.75v-4.875c0-.621.504-1.125 1.125-1.125h2.25c.621 0 1.125.504 1.125 1.125V21h4.125c.621 0 1.125-.504 1.125-1.125V9.75M8.25 21h8.25"}]}]}],["$","svg",null,{"className":"w-4 h-4 text-neutral-300","fill":"none","viewBox":"0 0 24 24","stroke":"currentColor","strokeWidth":2,"children":["$","path",null,{"strokeLinecap":"round","strokeLinejoin":"round","d":"M9 5l7 7-7 7"}]}],["$","$L14",null,{"href":"/news","className":"px-2.5 py-1.5 rounded-lg text-neutral-600 hover:text-neutral-800 hover:bg-neutral-100/80 transition-all duration-200","children":"News"}],["$","svg",null,{"className":"w-4 h-4 text-neutral-300","fill":"none","viewBox":"0 0 24 24","stroke":"currentColor","strokeWidth":2,"children":["$","path",null,{"strokeLinecap":"round","strokeLinejoin":"round","d":"M9 5l7 7-7 7"}]}],["$","span",null,{"className":"px-2.5 py-1.5 rounded-lg text-neutral-900 font-medium bg-neutral-100/60 truncate max-w-[200px] sm:max-w-xs","children":"Researchers Disclose Zero-Click RCE Flaws In Cursor IDE"}]]}]}]}],["$","article",null,{"className":"max-w-4xl mx-auto px-4 sm:px-6 pt-6 pb-8 sm:pt-8 
sm:pb-12","children":[["$","header",null,{"className":"mb-8","children":[["$","div",null,{"className":"flex flex-wrap items-center gap-2 mb-4","children":[["$","span",null,{"className":"px-2.5 py-1 text-[10px] font-semibold uppercase tracking-wide bg-neutral-900 text-white rounded","children":"Security & Risk"}],[["$","span","cursor",{"className":"px-2.5 py-1 rounded text-[11px] font-medium text-neutral-600 bg-neutral-100 hover:bg-neutral-200 transition-colors cursor-default","children":"cursor"}],["$","span","ai-developer-tools",{"className":"px-2.5 py-1 rounded text-[11px] font-medium text-neutral-600 bg-neutral-100 hover:bg-neutral-200 transition-colors cursor-default","children":"ai developer tools"}],["$","span","cybersecurity",{"className":"px-2.5 py-1 rounded text-[11px] font-medium text-neutral-600 bg-neutral-100 hover:bg-neutral-200 transition-colors cursor-default","children":"cybersecurity"}],["$","span","prompt-injection",{"className":"px-2.5 py-1 rounded text-[11px] font-medium text-neutral-600 bg-neutral-100 hover:bg-neutral-200 transition-colors cursor-default","children":"prompt injection"}]]]}],["$","h1",null,{"className":"font-serif-display text-[2.125rem] sm:text-[2.625rem] lg:text-[3.25rem] font-normal text-neutral-900 leading-[1.08] tracking-[-0.015em] mb-6","children":"Researchers Disclose Zero-Click RCE Flaws In Cursor IDE"}],["$","div",null,{"className":"flex flex-wrap items-center justify-between gap-4 pb-6 border-b border-neutral-100","children":[["$","div",null,{"className":"flex flex-wrap items-center gap-3 text-sm text-neutral-500","children":[["$","$L40",null,{"sources":[{"url":"https://www.catonetworks.com/blog/duneslide-two-critical-rce-vulnerabilities/","title":"DuneSlide: Two Critical RCE Vulnerabilities via Zero-Click Prompt Injection in Cursor IDE","domain":"catonetworks.com","snippet":"Cato AI Labs' original research writeup: technical detail on both CVEs and the full responsible-disclosure timeline (Feb 19 - Jun 
5).","scraped":true},{"url":"https://github.com/cursor/cursor/security/advisories/GHSA-3v8f-48vw-3mjx","title":"GHSA-3v8f-48vw-3mjx: Cursor symlink canonicalization RCE (CVE-2026-50549)","domain":"github.com","snippet":"Cursor's official vendor security advisory, cited by NVD as the authoritative reference for CVE-2026-50549.","scraped":false},{"url":"https://thehackernews.com/2026/07/critical-cursor-flaws-could-let-prompt.html","title":"Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands","domain":"thehackernews.com","snippet":"Confirms technical mechanics, disclosure timeline, and situates DuneSlide among prior Cursor/Gemini CLI agent-sandbox bugs.","scraped":true},{"url":"https://cybersecuritynews.com/cursor-ide-rce-vulnerabilities/","title":"Critical Cursor IDE RCE Vulnerabilities Enable Prompt Injection in Zero-Click","domain":"cybersecuritynews.com","snippet":"Independent corroborating technical writeup citing Cato AI Labs.","scraped":true}]}],"$L41","$L42","$L43"]}],"$L44"]}]]}],"$L45","$L46","$L47","$L48"]}],"$L49","$L4a","$L4b"]}]
41:[["$","span",null,{"className":"text-neutral-200","children":"|"}],["$","time",null,{"dateTime":"2026-07-01T22:14:39+00:00","className":"text-neutral-500","children":"July 1, 2026"}]]
43:["$","span",null,{"className":"text-neutral-500","children":["By ",["$","$L14",null,{"href":"/editorial-standards","className":"text-neutral-700 font-medium underline-offset-2 hover:underline hover:text-neutral-900","children":"LDS Team"}]]}]
44:["$","div",null,{"className":"flex items-center gap-2","children":[["$","$L4c",null,{"url":"https://letsdatascience.com/news/researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba","title":"Researchers Disclose Zero-Click RCE Flaws In Cursor IDE","summary":"Cato AI Labs disclosed **DuneSlide**, two critical zero-click remote-code-execution flaws (CVE-2026-50548 and CVE-2026-50549, both rated **9.8** under CVSS 3.1) in the **Cursor** AI code editor, used by more than half the Fortune 500, on July 1, 2026. A single prompt-injected instruction hidden in content the AI agent merely reads, such as an MCP connector response or a web search result, could escape Cursor's terminal sandbox and run arbitrary commands on a developer's machine with no click or approval needed. Cato reported the flaws privately on February 19; Cursor initially rejected them, then reopened and fixed both in the **Cursor 3.0** release on April 2, with CVE IDs assigned June 5. Every Cursor version before 3.0 remains vulnerable. Cato says it is disclosing similar sandbox-escape flaws in other popular coding agents, arguing the weakness is structural rather than specific to Cursor.","compact":true}],["$","div",null,{"className":"flex items-center gap-2","children":[["$","div",null,{"className":"relative group","children":[["$","div",null,{"className":"w-10 h-10 text-sm rounded-full bg-yellow-500/75 text-white font-bold flex items-center justify-center shadow","aria-label":"Relevance score: 6.5","children":"6.5"}],false]}],["$","span",null,{"className":"text-xs text-neutral-500","children":"Relevance Score"}]]}]]}]
45:["$","$L4d",null,{"imageUrl":null,"alt":"Researchers Disclose Zero-Click RCE Flaws In Cursor IDE"}]
46:["$","$L4e",null,{"summary":"On July 1, 2026, Cato AI Labs disclosed **DuneSlide**, two critical zero-click remote-code-execution flaws (CVE-2026-50548 and CVE-2026-50549, both rated **9.8** under CVSS 3.1) in the **Cursor** AI code editor, which Cursor says is used by more than half of the Fortune 500. A single prompt-injected instruction hidden in content the AI agent merely reads, such as an MCP connector response or a web search result, could escape Cursor's terminal sandbox and run arbitrary commands on a developer's machine with no click or approval needed. Cato reported the flaws privately on February 19; Cursor initially rejected the reports, then reopened them and fixed both flaws in the **Cursor 3.0** release on April 2, with CVE IDs assigned June 5. Every Cursor version before 3.0 remains vulnerable. Cato says it is disclosing similar sandbox-escape flaws in other popular coding agents, arguing the weakness is structural rather than specific to Cursor."}]
47:["$","$L4f",null,{"slug":"researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba"}]
50:T4eb,Cursor 2.x introduced automatic terminal-command execution inside a sandbox, so the AI agent's shell commands run without a user-approval prompt but stay contained. Both DuneSlide bugs defeat that containment through zero-click prompt injection: an attacker never interacts with the victim directly, instead planting instructions inside content the agent reads on the user's behalf, such as an MCP server response or a web search result. CVE-2026-50548 abuses the working_directory parameter on Cursor's run_terminal_cmd tool; when the agent sets that parameter to a non-default path, Cursor adds it to the sandbox's allowed-write list without further checks, letting injected instructions redirect a write to the sandbox's own helper binary (or files like ~/.zshrc) and disable sandboxing for later commands. CVE-2026-50549 abuses a fallback in Cursor's symlink-canonicalization check: when that check cannot resolve whether a write target sits inside the project, because the target does not exist or read access has been stripped, Cursor defaults to trusting the symlink's in-project path rather than blocking the write, letting an attacker-created symlink reach the same sandbox helper. Cato found no evidence of real-world exploitation before disclosure.48:["$","div",null,{"children":[["$","div",null,{"className":"article-summary mb-10","children":["$","div",null,{"className":"text-[20px] text-stone-800 leading-[1.6] font-serif font-normal","children":[["$","div","0",{"className":"mt-6 first:mt-0","children":[["$","p","0",{"className":"","children":["DuneSlide is a reminder that agentic coding tools break an assumption sandboxing was built on: that only a human, not the AI agent's own autonomous reads, decides what gets executed. Because Cursor's sandbox trusted parameters the agent itself could set, a prompt hidden in an MCP response or a search result was enough to reach full, unsandboxed code execution with zero clicks required. 
Cato says it is now disclosing similar flaws in other popular coding agents, arguing this is a structural weakness in how the category builds trust boundaries, not a one-off Cursor bug."]}]]}],["$","div","1",{"className":"mt-10 first:mt-0","children":[["$","h3",null,{"className":"font-serif-display text-[1.5rem] sm:text-[1.75rem] font-normal text-neutral-900 leading-[1.15] tracking-[-0.01em] mb-4 flex items-center gap-2.5","children":[["$","span",null,{"className":"w-1 h-7 bg-neutral-800 rounded-full flex-shrink-0"}],"What happened"]}],["$","div",null,{"className":"pl-3 border-l-2 border-neutral-100","children":[["$","p","0",{"className":"","children":["Cato AI Labs disclosed two critical remote-code-execution vulnerabilities in the Cursor AI code editor, together dubbed DuneSlide and tracked as CVE-2026-50548 and CVE-2026-50549, both rated 9.8 out of 10 under CVSS 3.1 (9.3 under CVSS 4.0), according to Cato's own writeup, The Hacker News and CybersecurityNews. Cursor says its editor is used by more than half of the Fortune 500."]}]]}]]}],["$","div","2",{"className":"mt-10 first:mt-0","children":[["$","h3",null,{"className":"font-serif-display text-[1.5rem] sm:text-[1.75rem] font-normal text-neutral-900 leading-[1.15] tracking-[-0.01em] mb-4 flex items-center gap-2.5","children":[["$","span",null,{"className":"w-1 h-7 bg-neutral-800 rounded-full flex-shrink-0"}],"Technical context"]}],["$","div",null,{"className":"pl-3 border-l-2 border-neutral-100","children":[["$","p","0",{"className":"","children":["$50"]}]]}]]}],["$","div","3",{"className":"mt-10 first:mt-0","children":["$L51","$L52"]}],"$L53","$L54"]}]}],"$L55","$L56","$L57","$L58","$L59","$L5a","$L5b"]}]
51:["$","h3",null,{"className":"font-serif-display text-[1.5rem] sm:text-[1.75rem] font-normal text-neutral-900 leading-[1.15] tracking-[-0.01em] mb-4 flex items-center gap-2.5","children":[["$","span",null,{"className":"w-1 h-7 bg-neutral-800 rounded-full flex-shrink-0"}],"Timeline"]}]
52:["$","div",null,{"className":"pl-3 border-l-2 border-neutral-100","children":["$","ol",null,{"className":"relative ml-1.5 space-y-5 border-l border-neutral-200","children":[["$","li","February 19, 2026-0",{"className":"ml-6","children":[["$","span",null,{"className":"absolute -left-[5px] mt-2 h-2.5 w-2.5 rounded-full bg-neutral-900 ring-4 ring-white","aria-hidden":"true"}],["$","time",null,{"className":"block font-sans text-[12px] font-semibold uppercase tracking-[0.12em] text-neutral-500","children":"February 19, 2026"}],["$","p",null,{"className":"mt-1 font-serif text-[19px] leading-[1.5] text-stone-800","children":["Cato AI Labs privately reported both vulnerabilities to Cursor."]}]]}],["$","li","February 23, 2026-1",{"className":"ml-6","children":[["$","span",null,{"className":"absolute -left-[5px] mt-2 h-2.5 w-2.5 rounded-full bg-neutral-900 ring-4 ring-white","aria-hidden":"true"}],["$","time",null,{"className":"block font-sans text-[12px] font-semibold uppercase tracking-[0.12em] text-neutral-500","children":"February 23, 2026"}],["$","p",null,{"className":"mt-1 font-serif text-[19px] leading-[1.5] text-stone-800","children":["Cursor rejected the reports, saying its threat model did not cover misuse of MCP servers, even standard ones like the official Linear integration."]}]]}],["$","li","February 26, 2026-2",{"className":"ml-6","children":[["$","span",null,{"className":"absolute -left-[5px] mt-2 h-2.5 w-2.5 rounded-full bg-neutral-900 ring-4 ring-white","aria-hidden":"true"}],["$","time",null,{"className":"block font-sans text-[12px] font-semibold uppercase tracking-[0.12em] text-neutral-500","children":"February 26, 2026"}],["$","p",null,{"className":"mt-1 font-serif text-[19px] leading-[1.5] text-stone-800","children":["Cato escalated directly to Cursor's security team, which reopened and began triaging both issues."]}]]}],["$","li","April 2, 2026-3",{"className":"ml-6","children":[["$","span",null,{"className":"absolute -left-[5px] mt-2 h-2.5 w-2.5 
rounded-full bg-neutral-900 ring-4 ring-white","aria-hidden":"true"}],["$","time",null,{"className":"block font-sans text-[12px] font-semibold uppercase tracking-[0.12em] text-neutral-500","children":"April 2, 2026"}],["$","p",null,{"className":"mt-1 font-serif text-[19px] leading-[1.5] text-stone-800","children":["Cursor shipped a fix for the working-directory flaw (CVE-2026-50548) in the Cursor 3.0 release."]}]]}],["$","li","June 1, 2026-4",{"className":"ml-6","children":[["$","span",null,{"className":"absolute -left-[5px] mt-2 h-2.5 w-2.5 rounded-full bg-neutral-900 ring-4 ring-white","aria-hidden":"true"}],["$","time",null,{"className":"block font-sans text-[12px] font-semibold uppercase tracking-[0.12em] text-neutral-500","children":"June 1, 2026"}],["$","p",null,{"className":"mt-1 font-serif text-[19px] leading-[1.5] text-stone-800","children":["Cursor confirmed the symlink flaw (CVE-2026-50549) was also fixed in the 3.0 release."]}]]}],["$","li","June 5, 2026-5",{"className":"ml-6","children":[["$","span",null,{"className":"absolute -left-[5px] mt-2 h-2.5 w-2.5 rounded-full bg-neutral-900 ring-4 ring-white","aria-hidden":"true"}],["$","time",null,{"className":"block font-sans text-[12px] font-semibold uppercase tracking-[0.12em] text-neutral-500","children":"June 5, 2026"}],["$","p",null,{"className":"mt-1 font-serif text-[19px] leading-[1.5] text-stone-800","children":["CVE IDs were assigned to both vulnerabilities."]}]]}]]}]}]
53:["$","div","4",{"className":"mt-10 first:mt-0","children":[["$","h3",null,{"className":"font-serif-display text-[1.5rem] sm:text-[1.75rem] font-normal text-neutral-900 leading-[1.15] tracking-[-0.01em] mb-4 flex items-center gap-2.5","children":[["$","span",null,{"className":"w-1 h-7 bg-neutral-800 rounded-full flex-shrink-0"}],"For practitioners"]}],["$","div",null,{"className":"pl-3 border-l-2 border-neutral-100","children":[["$","p","0",{"className":"","children":["Any Cursor installation predating version 3.0 remains exposed; teams should confirm they are on 3.0 or later. This is the third documented case of a poisoned prompt reaching code execution in Cursor alone, following CurXecute and MCPoison in 2025, and a similar Gemini CLI flaw appeared earlier in 2026, so organizations building on agentic coding tools should audit their own working-directory and symlink-handling logic rather than assume sandboxing holds against autonomous content ingestion. Any feature that lets an agent fetch external content (MCP servers, web search, connected repos) is a potential injection vector."]}]]}]]}]
54:["$","div","5",{"className":"mt-10 first:mt-0","children":[["$","h3",null,{"className":"font-serif-display text-[1.5rem] sm:text-[1.75rem] font-normal text-neutral-900 leading-[1.15] tracking-[-0.01em] mb-4 flex items-center gap-2.5","children":[["$","span",null,{"className":"w-1 h-7 bg-neutral-800 rounded-full flex-shrink-0"}],"What to watch"]}],["$","div",null,{"className":"pl-3 border-l-2 border-neutral-100","children":[["$","p","0",{"className":"","children":["Cato says it is in the process of responsibly disclosing similar sandbox-escape flaws in other popular coding agents, which would confirm this is a category-wide architectural gap rather than a Cursor-specific defect; whether other vendors adopt the fix pattern Cursor used, treating agent-controllable parameters as untrusted input, will determine how quickly this recurs elsewhere."]}]]}]]}]
55:["$","section",null,{"className":"key-points-content mb-10 p-5 sm:p-6 bg-neutral-50/80 rounded-2xl border border-neutral-100","children":[["$","h2",null,{"className":"text-base font-semibold text-neutral-900 mb-4 flex items-center gap-2","children":[["$","svg",null,{"className":"w-4 h-4 text-neutral-500","fill":"none","viewBox":"0 0 24 24","stroke":"currentColor","strokeWidth":2,"children":["$","path",null,{"strokeLinecap":"round","strokeLinejoin":"round","d":"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2m-6 9l2 2 4-4"}]}],"Key Points"]}],["$","ul",null,{"className":"space-y-3","children":[["$","li","0",{"className":"flex items-start gap-3","children":[["$","span",null,{"className":"flex-shrink-0 w-5 h-5 rounded-full bg-neutral-200 text-neutral-600 text-[11px] font-bold flex items-center justify-center mt-0.5","children":1}],["$","span",null,{"className":"text-stone-700 leading-[1.6] text-[15px] font-serif","children":["Cato AI Labs disclosed DuneSlide, two 9.8-severity zero-click RCE flaws in Cursor's sandbox, already patched in Cursor 3.0."]}]]}],["$","li","1",{"className":"flex items-start gap-3","children":[["$","span",null,{"className":"flex-shrink-0 w-5 h-5 rounded-full bg-neutral-200 text-neutral-600 text-[11px] font-bold flex items-center justify-center mt-0.5","children":2}],["$","span",null,{"className":"text-stone-700 leading-[1.6] text-[15px] font-serif","children":["A prompt hidden in MCP server content or search results could hijack Cursor's agent to escape its sandbox without any user click."]}]]}],["$","li","2",{"className":"flex items-start gap-3","children":[["$","span",null,{"className":"flex-shrink-0 w-5 h-5 rounded-full bg-neutral-200 text-neutral-600 text-[11px] font-bold flex items-center justify-center mt-0.5","children":3}],["$","span",null,{"className":"text-stone-700 leading-[1.6] text-[15px] font-serif","children":["As the third such Cursor bug in a 
year, DuneSlide shows agentic coding tools need sandboxes built for autonomous content ingestion."]}]]}]]}]]}]
56:["$","section",null,{"className":"mb-10 p-5 bg-neutral-50 rounded-xl border border-neutral-200","children":["$","div",null,{"className":"flex items-start gap-3","children":[["$","div",null,{"className":"flex-shrink-0 w-8 h-8 rounded-lg bg-neutral-900 flex items-center justify-center","children":["$","svg",null,{"className":"w-4 h-4 text-white","fill":"none","viewBox":"0 0 24 24","stroke":"currentColor","strokeWidth":2,"children":["$","path",null,{"strokeLinecap":"round","strokeLinejoin":"round","d":"M9.663 17h4.673M12 3v1m6.364 1.636l-.707.707M21 12h-1M4 12H3m3.343-5.657l-.707-.707m2.828 9.9a5 5 0 117.072 0l-.548.547A3.374 3.374 0 0014 18.469V19a2 2 0 11-4 0v-.531c0-.895-.356-1.754-.988-2.386l-.548-.547z"}]}]}],["$","div",null,{"className":"flex-1 min-w-0","children":[["$","h2",null,{"className":"text-sm font-semibold text-neutral-900 mb-1","children":"Scoring Rationale"}],["$","p",null,{"className":"text-stone-700 leading-[1.6] text-sm font-serif","children":["A CVSS 9.8 zero-click sandbox-escape chain in a coding tool used by most of the Fortune 500 is a serious, well-documented case, but it was responsibly disclosed, patched months before public disclosure, shows no evidence of exploitation, and is the third such bug in a recurring pattern rather than a novel category of risk, keeping it in the notable tier."]}]]}]]}]}]
58:["$","section",null,{"aria-labelledby":"article-sources-heading","className":"mt-12 border-t border-neutral-200 pt-6","children":[["$","div",null,{"className":"flex flex-col gap-1 sm:flex-row sm:items-end sm:justify-between","children":[["$","div",null,{"children":[["$","h2",null,{"id":"article-sources-heading","className":"text-xs font-bold uppercase tracking-[0.18em] text-neutral-500","children":"Sources"}],["$","p",null,{"className":"mt-1 text-sm leading-6 text-neutral-600","children":"Public references used for this report."}]]}],["$","span",null,{"className":"text-xs font-semibold uppercase tracking-[0.16em] text-neutral-400 sm:pb-1","children":[4," source","s"]}]]}],["$","div",null,{"className":"mt-4 overflow-hidden rounded-xl border border-neutral-200 bg-white","children":[["$","div",null,{"className":"divide-y divide-neutral-100","children":[["$","a","https://www.catonetworks.com/blog/duneslide-two-critical-rce-vulnerabilities/-0",{"href":"https://www.catonetworks.com/blog/duneslide-two-critical-rce-vulnerabilities/","target":"_blank","rel":"noopener noreferrer","className":"group flex min-w-0 items-center gap-3 px-3 py-3 transition-colors hover:bg-neutral-50 sm:px-4","children":[["$","span",null,{"className":"flex h-9 w-9 flex-shrink-0 items-center justify-center rounded-lg border border-neutral-200 bg-white","children":["$","$L5d",null,{"domain":"catonetworks.com","size":22,"className":"h-[22px] w-[22px] rounded-md object-contain"}]}],["$","span",null,{"className":"min-w-0 flex-1","children":[["$","span",null,{"className":"flex min-w-0 items-center gap-2","children":[["$","span",null,{"className":"text-[10px] font-semibold tabular-nums text-neutral-400","children":"01"}],["$","span",null,{"className":"truncate text-[11px] font-bold uppercase tracking-[0.14em] text-neutral-500","children":"catonetworks.com"}]]}],["$","span",null,{"className":"mt-0.5 block truncate text-sm font-medium leading-snug text-neutral-900 
group-hover:text-neutral-700","children":"DuneSlide: Two Critical RCE Vulnerabilities via Zero-Click Prompt Injection in Cursor IDE"}]]}],["$","svg",null,{"ref":"$undefined","xmlns":"http://www.w3.org/2000/svg","width":24,"height":24,"viewBox":"0 0 24 24","fill":"none","stroke":"currentColor","strokeWidth":2,"strokeLinecap":"round","strokeLinejoin":"round","className":"lucide lucide-external-link h-3.5 w-3.5 flex-shrink-0 text-neutral-300 transition-colors group-hover:text-neutral-500","aria-hidden":"true","children":[["$","path","1q9fwt",{"d":"M15 3h6v6"}],["$","path","gplh6r",{"d":"M10 14 21 3"}],["$","path","a6xqqp",{"d":"M18 13v6a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V8a2 2 0 0 1 2-2h6"}],"$undefined"]}]]}],["$","a","https://github.com/cursor/cursor/security/advisories/GHSA-3v8f-48vw-3mjx-1",{"href":"https://github.com/cursor/cursor/security/advisories/GHSA-3v8f-48vw-3mjx","target":"_blank","rel":"noopener noreferrer","className":"group flex min-w-0 items-center gap-3 px-3 py-3 transition-colors hover:bg-neutral-50 sm:px-4","children":[["$","span",null,{"className":"flex h-9 w-9 flex-shrink-0 items-center justify-center rounded-lg border border-neutral-200 bg-white","children":["$","$L5d",null,{"domain":"github.com","size":22,"className":"h-[22px] w-[22px] rounded-md object-contain"}]}],["$","span",null,{"className":"min-w-0 flex-1","children":[["$","span",null,{"className":"flex min-w-0 items-center gap-2","children":[["$","span",null,{"className":"text-[10px] font-semibold tabular-nums text-neutral-400","children":"02"}],["$","span",null,{"className":"truncate text-[11px] font-bold uppercase tracking-[0.14em] text-neutral-500","children":"github.com"}]]}],["$","span",null,{"className":"mt-0.5 block truncate text-sm font-medium leading-snug text-neutral-900 group-hover:text-neutral-700","children":"GHSA-3v8f-48vw-3mjx: Cursor symlink canonicalization RCE 
(CVE-2026-50549)"}]]}],["$","svg",null,{"ref":"$undefined","xmlns":"http://www.w3.org/2000/svg","width":24,"height":24,"viewBox":"0 0 24 24","fill":"none","stroke":"currentColor","strokeWidth":2,"strokeLinecap":"round","strokeLinejoin":"round","className":"lucide lucide-external-link h-3.5 w-3.5 flex-shrink-0 text-neutral-300 transition-colors group-hover:text-neutral-500","aria-hidden":"true","children":["$L5e","$L5f","$L60","$undefined"]}]]}],"$L61"]}],"$L62"]}]]}]
59:["$","$L63",null,{"articleSlug":"researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba"}]
5a:["$","$L64",null,{}]
5b:["$","$L65",null,{"tags":"$3d:props:tags","articleSlug":"researchers-disclose-zero-click-rce-flaws-in-cursor-ide-3f168dba"}]
5e:["$","path","1q9fwt",{"d":"M15 3h6v6"}]
5f:["$","path","gplh6r",{"d":"M10 14 21 3"}]
60:["$","path","a6xqqp",{"d":"M18 13v6a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V8a2 2 0 0 1 2-2h6"}]
61:["$","a","https://thehackernews.com/2026/07/critical-cursor-flaws-could-let-prompt.html-2",{"href":"https://thehackernews.com/2026/07/critical-cursor-flaws-could-let-prompt.html","target":"_blank","rel":"noopener noreferrer","className":"group flex min-w-0 items-center gap-3 px-3 py-3 transition-colors hover:bg-neutral-50 sm:px-4","children":[["$","span",null,{"className":"flex h-9 w-9 flex-shrink-0 items-center justify-center rounded-lg border border-neutral-200 bg-white","children":["$","$L5d",null,{"domain":"thehackernews.com","size":22,"className":"h-[22px] w-[22px] rounded-md object-contain"}]}],["$","span",null,{"className":"min-w-0 flex-1","children":[["$","span",null,{"className":"flex min-w-0 items-center gap-2","children":[["$","span",null,{"className":"text-[10px] font-semibold tabular-nums text-neutral-400","children":"03"}],["$","span",null,{"className":"truncate text-[11px] font-bold uppercase tracking-[0.14em] text-neutral-500","children":"thehackernews.com"}]]}],["$","span",null,{"className":"mt-0.5 block truncate text-sm font-medium leading-snug text-neutral-900 group-hover:text-neutral-700","children":"Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands"}]]}],["$","svg",null,{"ref":"$undefined","xmlns":"http://www.w3.org/2000/svg","width":24,"height":24,"viewBox":"0 0 24 24","fill":"none","stroke":"currentColor","strokeWidth":2,"strokeLinecap":"round","strokeLinejoin":"round","className":"lucide lucide-external-link h-3.5 w-3.5 flex-shrink-0 text-neutral-300 transition-colors group-hover:text-neutral-500","aria-hidden":"true","children":[["$","path","1q9fwt",{"d":"M15 3h6v6"}],["$","path","gplh6r",{"d":"M10 14 21 3"}],["$","path","a6xqqp",{"d":"M18 13v6a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V8a2 2 0 0 1 2-2h6"}],"$undefined"]}]]}]
62:["$","details",null,{"className":"group border-t border-neutral-200","children":[["$","summary",null,{"className":"flex cursor-pointer list-none items-center justify-between gap-3 px-3 py-3 text-sm font-semibold text-neutral-700 transition-colors hover:bg-neutral-50 sm:px-4 [&::-webkit-details-marker]:hidden","children":[["$","span",null,{"children":["View ",1," more source",""]}],["$","svg",null,{"ref":"$undefined","xmlns":"http://www.w3.org/2000/svg","width":24,"height":24,"viewBox":"0 0 24 24","fill":"none","stroke":"currentColor","strokeWidth":2,"strokeLinecap":"round","strokeLinejoin":"round","className":"lucide lucide-chevron-down h-4 w-4 flex-shrink-0 text-neutral-400 transition-transform group-open:rotate-180","aria-hidden":"true","children":[["$","path","qrunsl",{"d":"m6 9 6 6 6-6"}],"$undefined"]}]]}],["$","ol",null,{"className":"border-t border-neutral-100 bg-neutral-50/70 px-2 py-2 sm:grid sm:grid-cols-2 sm:gap-x-4","children":[["$","li","https://cybersecuritynews.com/cursor-ide-rce-vulnerabilities/-3",{"className":"min-w-0","children":["$","a",null,{"href":"https://cybersecuritynews.com/cursor-ide-rce-vulnerabilities/","target":"_blank","rel":"noopener noreferrer","className":"group flex min-w-0 items-center gap-3 rounded-lg px-2.5 py-2 transition-colors hover:bg-neutral-50","children":[["$","span",null,{"className":"w-7 flex-shrink-0 text-right text-[11px] font-semibold tabular-nums text-neutral-400","children":"04"}],["$","span",null,{"className":"min-w-0 flex-1","children":[["$","span",null,{"className":"block truncate text-sm font-medium leading-snug text-neutral-800 group-hover:text-neutral-950","children":"Critical Cursor IDE RCE Vulnerabilities Enable Prompt Injection in Zero-Click"}],["$","span",null,{"className":"mt-0.5 block truncate text-xs leading-none text-neutral-500","children":"cybersecuritynews.com"}]]}],["$","svg",null,{"ref":"$undefined","xmlns":"http://www.w3.org/2000/svg","width":24,"height":24,"viewBox":"0 0 24 
24","fill":"none","stroke":"currentColor","strokeWidth":2,"strokeLinecap":"round","strokeLinejoin":"round","className":"lucide lucide-external-link h-3.5 w-3.5 flex-shrink-0 text-neutral-300 transition-colors group-hover:text-neutral-500","aria-hidden":"true","children":[["$","path","1q9fwt",{"d":"M15 3h6v6"}],["$","path","gplh6r",{"d":"M10 14 21 3"}],["$","path","a6xqqp",{"d":"M18 13v6a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V8a2 2 0 0 1 2-2h6"}],"$undefined"]}]]}]}]]}]]}]
