Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands

Summary

Two critical vulnerabilities, collectively named DuneSlide, have been discovered in the AI code editor Cursor. These flaws could allow a malicious prompt to bypass the editor's sandbox and execute arbitrary commands on a developer's machine without user interaction. Both vulnerabilities have been assigned a CVSS score of 9.8.

IFF Assessment

FOE

These vulnerabilities allow attackers to bypass security measures and execute arbitrary commands, posing a significant risk to developers and their systems.

Severity

9.8 Critical

The high CVSS score of 9.8 reflects the critical nature of these vulnerabilities, which allow for remote code execution and bypass of safety sandboxing mechanisms with minimal user interaction.

Defender Context

This highlights a critical emerging threat vector at the intersection of AI and code editing tools. Defenders should be aware of prompt injection attacks specifically targeting AI-powered development environments and the potential for these to escalate to full system compromise. Vigilance in scrutinizing prompts, even within seemingly secure sandboxes, is paramount.

Read Full Story →