Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands
Security researchers discovered critical flaws in Cursor that could allow prompt injection attacks to escape the AI coding assistant's sandbox and execute arbitrary commands on the host system. The vulnerabilities enable attackers to bypass security restrictions, potentially leading to full system compromise when users interact with untrusted code or prompts.
Developers using Cursor risk system compromise from prompt injection attacks that bypass the sandbox.


