{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreifzxxculyh6axvvwknizcwqoc5k2snvppb5lvhnpdinzwowf3oljq",
"uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mplwsg4srei2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreifmchrlma3yxmmb252g2ia6srrwb3octndhzz6c7rscwhqaaz2bn4"
},
"mimeType": "image/jpeg",
"size": 151319
},
"path": "/2026/07/critical-cursor-flaws-could-let-prompt.html",
"publishedAt": "2026-07-01T14:42:54.000Z",
"site": "https://thehackernews.com",
"textContent": "Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There is no click to fall for and no approval box to ignore. Cato AI Labs found the pair and named them DuneSlide. They are tracked as CVE-2026-50548 and CVE-2026-50549, both rated 9.8 out of 10 (or 9.3",
"title": "Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands"
}