Zero-Click Prompt Injection to RCE in Cursor IDE: DuneSlide
Cato AI Labs just disclosed DuneSlide, two critical RCE vulnerabilities found in Cursor IDE: CVE-2026-50548 and CVE-2026-50549. Both are rated Critical. The interesting part is the attack path. This was not just prompt injection changing model output. The agent could ingest untrusted content from sources like MCP servers or web search results, then act through the app around it. With DuneSlide, zero-click prompt injection could become a path to: sandbox escape arbitrary file write unsandboxed remote code execution A user does not need to open a malicious file or run attacker-controlled code. The exploit can start when a normal-looking prompt causes the agent to ingest attacker-controlled content from an untrusted source. The main thing this research shows is the sandbox matters, but so do the inputs, permissions, execution paths, and boundaries around it. Full writeup: https://bit.ly/4vMylp8 submitted by /u/bscottrosen21 [link] [comments]Technical Information Security Content & DiscussionRead More