{"uuid": "08755357-cf77-4bd9-8cfa-0ae4b18dea56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-50549", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/9385", "content": "\ud83d\uded1 Two Cursor vulnerabilities could let hidden prompt-injection instructions escape the editor\u2019s terminal sandbox and run commands on a developer\u2019s machine.\n\nTracked as CVE-2026-50548 and CVE-2026-50549, they affect versions before 3.0.\n\nSee how it works: https://thehackernews.com/2026/07/critical-cursor-flaws-could-let-prompt.html", "creation_timestamp": "2026-07-15T12:00:03.699315Z"}