CVE-2026-48124
HighCVSS 8.5Exploitation Probability (EPSS)
Low risk3th percentile - higher than 3% of all known CVEs
Summary
Cursor is a code editor designed for programming with AI. In versions prior to 3.0.0, Cursor Desktop could execute workspace-defined hook commands from .claude/settings.local.json without dedicated user approval.
Risk Assessment
A malicious file created by a workspace or agent could configure hooks that run local commands in the user's context, potentially leading to sandbox escape, persistence, or local data compromise.
Recommendation
It is recommended to upgrade to version 3.0.0 to mitigate this vulnerability and secure the system against potential attacks.
Original NVD description (English source)
Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run local commands in the user's context when an agent turn ends. This could allow sandbox escape, persistence across turns, local data access, or follow-on compromise. This issue has been fixed in version 3.0.0.

