Prompt Injection Chain Breaks Cursor AI Sandbox, Enables Full RCE
Two critical vulnerabilities (CVE-2026-50548 and CVE-2026-50549) in the Cursor AI code editor allow prompt injection attacks delivered via MCP services or web search results to escape the editor's …
AML.T0051 - LLM Prompt Injection
AML.T0047 - ML-Enabled Product or Service
AML.T0043 - Craft Adversarial Data