Loading market data...
← Back to CVE feed

CVE-2026-48124

UNKNOWN View on NVD ↗

Description

Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run local commands in the user's context when an agent turn ends. This could allow sandbox escape, persistence across turns, local data access, or follow-on compromise. This issue has been fixed in version 3.0.0.

Published: Jun 15, 2026 21:17 UTC Modified: Jun 16, 2026 15:49 UTC