CVE-2026-31854
HIGH 8.8
Cursor is a code editor built for programming with AI. Prior to 2.0, if a visited website contains maliciously crafted instructions, the model may attempt to follow them in order to “assist” the user. When combined with a bypass of the command whitelist mechanism, such indirect prompt injections could result in commands being executed automatically, without the user’s explicit intent, thereby posing a significant security risk. This vulnerability is fixed in 2.0.
Affected Applications in Environment: 14
Cursor v0.48.9: 1 device
Cursor v2.6.14 (2.4.37): 2 devices
Cursor v2.5.20 (2.4.21): 2 devices
Cursor v2.5.26 (2.5.17): 3 devices
Cursor v1.4.3: 1 device
Cursor v3.0.9 (2.3.35): 1 device
Cursor v2.6.18 (2.6.12): 4 devices
Cursor: 1 device
Cursor v2.6.11 (2.5.26): 3 devices
Cursor v1.7.46: 1 device
Cursor v1.7.44: 2 devices
Cursor v0.44.11 (241206z7j6me2e2): 1 device
Cursor v2.6.20 (2.2.20): 1 device
Cursor v2.4.31 (2.3.41): 1 device
Affected Devices: 16
A02431789-Y45D2V9TXH (Mac)
DPINFT-MJ0CFS1F (Windows)
F-16 (Mac)
Kotaro (Mac)
USULOAN446 (Windows)
a00015523-HL9P9L0MC7 (Mac)
a00288946-C02ZPYXBMD6N (Mac)
a00288946-F6VM65M2H3 (Mac)
a00983376-G09J49PM70 (Mac)
a01621681-C02FP14GMD6T (Mac)
a02304617-PQJMWR7W2M (Mac)
a02324477-RR73X1VHHP (Mac)
a02376833-F44QRWP393 (Mac)
a02462004-FVKH5QCYT2 (Mac)
adamthomas-H73N967GM2 (Mac)
zsolt_ugray's MacBook Air-L6XRV629N4 (Mac)