{"vulnerability": "cve-2026-26268", "sightings": [{"uuid": "4b8f603d-25da-4161-adc3-1b3a64ef684d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26268", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mer3ai5fiw23", "content": "", "creation_timestamp": "2026-02-13T17:54:45.764864Z"}, {"uuid": "a0bac86c-f923-49ef-85aa-6ebdeeeff86e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26268", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3mkmztuqow32z", "content": "Vulnerability in Cursor IDE (CVE-2026-26268) #appsec", "creation_timestamp": "2026-04-29T11:50:19.396612Z"}, {"uuid": "fb944dec-361a-4f91-b071-55c96bcd3093", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26268", "type": "seen", "source": "https://bsky.app/profile/mel-echosphere.bsky.social/post/3mkppekyzlz2l", "content": "Cursor \u306e Git integration\u3001CVE-2026-26268 (CVSS 9.9)\u3002\n\nprompt injection \u3067 .git/config \u3092\u66f8\u304d\u63db\u3048\u3066\u30d5\u30c3\u30af\u3092\u4ed5\u8fbc\u3080\u3002\u6b21\u306e git pull/commit \u304c trigger \u3067\u4efb\u610f\u30b3\u30fc\u30c9\u5b9f\u884c\u2014\u2014v2.5 \u672a\u6e80\u304c\u5bfe\u8c61\u3002\ud83d\udd4a\ufe0f\n\nhttps://www.csoonline.com/article/4164250/critical-cursor-bug-could-turn-routine-git-into-rce.html", "creation_timestamp": "2026-04-30T13:20:48.125439Z"}, {"uuid": "e3ee5d86-5c29-4c2d-af3e-38095a7e8b85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26268", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mkoskeky7c2g", "content": "Cursor AI IDE vulnerability allows code execution via hidden Git hooks\n\nNovee researchers find high-severity CVE-2026-26268 flaw in Cursor AI, allowing hackers to run malicious code when developers clone repositories.\n#cursor #hackernews #news", "creation_timestamp": "2026-04-30T04:45:12.972028Z"}, {"uuid": "78fea0f3-56c6-4fb6-9a80-bd8fa475a686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26268", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mkpsj5w4c72c", "content": "Critical vulnerability CVE-2026-26268 in Cursor AI exposes developers to remote code execution via malicious repositories. Update now and enable Workspace Trust! #CyberSecurity #AI #DevSecOps Link: thedailytechfeed.com/critical-vul...", "creation_timestamp": "2026-04-30T14:17:03.390632Z"}, {"uuid": "f6076c6a-f207-443c-b35f-4b5112853f3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26268", "type": "seen", "source": "https://bsky.app/profile/dailyqiitatrends.bsky.social/post/3ml2rkp6deb2m", "content": "\u4eca\u65e5\u306eQiita\u30c8\u30ec\u30f3\u30c9\n\n\u3010\u7dca\u6025\u3011Cursor\u306b\u300cgit clone\u300d\u3059\u308b\u3060\u3051\u3067PC\u304c\u4e57\u3063\u53d6\u3089\u308c\u308b\u8106\u5f31\u6027\uff01CVSS 9.9\u306e\u30e4\u30d0\u3059\u304e\u308b\u653b\u6483\u624b\u6cd5\nCursor\u306e\u30d0\u30fc\u30b8\u30e7\u30f32.4\u4ee5\u524d\u306b\u3001\u30ea\u30dd\u30b8\u30c8\u30ea\u3092\u30af\u30ed\u30fc\u30f3\u3059\u308b\u3060\u3051\u3067PC\u304c\u4e57\u3063\u53d6\u3089\u308c\u308b\u81f4\u547d\u7684\u306a\u8106\u5f31\u6027\uff08CVE-2026-26268\uff09\u304c\u767a\u898b\u3055\u308c\u307e\u3057\u305f\u3002\nAI\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u304c\u81ea\u5f8b\u7684\u306bGit\u64cd\u4f5c\u3092\u884c\u3046\u4ed5\u7d44\u307f\u304c\u60aa\u7528\u3055\u308c\u308b\u305f\u3081\u3001CVSS 9.9\u3068\u3044\u3046\u975e\u5e38\u306b\u9ad8\u3044\u5371\u967a\u5ea6\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u3002\n\u5bfe\u7b56\u3068\u3057\u3066\u3001\u76f4\u3061\u306b\u30d0\u30fc\u30b8\u30e7\u30f32.5\u4ee5\u4e0a\u306b\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3057\u3066\u304f\u3060\u3055\u3044\u3002\n\u3042\u308f\u305b\u3066\u3001\u4fe1\u983c\u3067\u304d\u306a\u3044\u30ea\u30dd\u30b8\u30c8\u30ea\u306e\u30af\u30ed\u30fc\u30f3\u3092\u63a7\u3048\u308b\u306a\u3069\u306e\u6ce8\u610f\u304c\u63a8\u5968\u3055\u308c\u3066\u3044\u307e\u3059\u3002\n", "creation_timestamp": "2026-05-04T22:59:18.054454Z"}, {"uuid": "c86a9636-ae27-418b-bb9a-2cbf638d9b9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26268", "type": "seen", "source": "Telegram/yfj8_Wf1r81ZM9XH5mmBYiYd4G1zdIl6xbgawa_XXGScCdQ", "content": "", "creation_timestamp": "2026-05-05T21:00:04.000000Z"}, {"uuid": "d7d3b202-c01b-43b6-a225-bd35491c2337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26268", "type": "seen", "source": "https://bsky.app/profile/armor-1.bsky.social/post/3mliaz6p77c27", "content": "CVE-2026-26268: Cursor RCE via hidden Git hooks. CVSS 8.1. Opening a prepared repo runs code in your session, no prompt injection needed. Fixed in Cursor 2.5.", "creation_timestamp": "2026-05-10T07:40:26.947038Z"}, {"uuid": "ee320ce1-e88b-4002-9093-30fe7baa302e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26268", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mliivhn7to2g", "content": "\ud83d\udd12 Cursor CVE-2026-26268: Hidden Git hooks RCE via agents autonomous Git operations\n\nA critical remote code execution (RCE) vulnerability, CVE-2026-26268, affects ...\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-26268 #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-05-10T10:01:32.344688Z"}, {"uuid": "d9ee47cf-9c98-4dcc-ac11-12578a53ceef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26268", "type": "seen", "source": "https://t.me/GithubRedTeam/84997", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a agentic-ioc-scanner\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a dhawaldesai\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Shell\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-20 11:00:52\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nIOC scanner for agentic AI coding tools \u2014 detects Mini Shai-Hulud, Gemini CLI RCE, Cursor CVE-2026-26268, and DPRK PromptMink.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-20T11:02:25.000000Z"}]}