NEWTwo Critical Sandbox Vulnerabilities in Cursor Enable Operating System Access6. July 2026CybersecurityTwo sandbox-escape vulnerabilities (CVE-2026-50548, CVE-2026-50549, CVSS 9.8) in Cursor enable remote code execution on the operating system via manipulated prompts — patch available since April. Share on: