CVE-2026-26268
Awaiting Analysis - Queue
Sandbox Escape via .git Misconfiguration in Cursor Editor Leads to RCE

Publication date: 2026-02-13

Last updated on: 2026-02-18

Assigner: GitHub, Inc.

Description
Cursor is a code editor built for programming with AI. Sandbox escape via writing .git configuration was possible in versions prior to 2.5. A malicious agent (i.e., prompt injection) could write to improperly protected .git settings, including git hooks, which may cause out-of-sandbox RCE the next time they are triggered. No user interaction was required as Git executes these commands automatically. Fixed in version 2.5.
Meta Information
Published: 2026-02-13
Last Modified: 2026-02-18
Generated: 2026-05-07
AI Q&A: 2026-02-13
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: anysphere
Product: cursor
Version / Range: to 2.5 (exc)
CWE
CWE-862: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-26268 is a high-severity vulnerability in the Cursor code editor prior to version 2.5. It allows a malicious actor to escape the sandbox by writing to improperly protected .git configuration files, including Git hooks. Since Git automatically executes these hooks, this can lead to remote code execution (RCE) outside the sandbox without any user interaction.


How can this vulnerability impact me?

If exploited, this vulnerability can lead to remote code execution outside the sandbox environment, allowing an attacker to run arbitrary code with high privileges. This compromises the confidentiality, integrity, and availability of the affected system, potentially leading to severe security breaches.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this vulnerability involves checking for unauthorized or malicious modifications to the .git configuration files, especially Git hooks, in repositories opened with Cursor versions prior to 2.5.

You can inspect the .git directory for suspicious or unexpected hook scripts that may have been added or altered. For example, running commands to list and examine Git hooks can help identify potential exploitation:

  • List Git hooks in the repository: ls -l .git/hooks/
  • View the contents of specific hook scripts to check for malicious code: cat .git/hooks/pre-commit (or other hook files)
  • Check for unusual changes in .git/config or other configuration files: cat .git/config

Monitoring for unexpected writes or changes to these files, especially by untrusted or low-privilege processes, can help detect attempts to exploit this vulnerability.
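
The manual checks above, combined into one audit function as an added example (not code from Cursor or from the advisory). The list of command-executing config keys and the HOOK/CONFIG output format are this example's assumptions; the advisory does not say which settings were involved.

```shell
#!/bin/sh
# Added example: audit_git_dir REPO prints one finding per line, nothing if clean.
# It reads files directly and never runs git inside REPO, so the check itself
# cannot trigger a hook or a configured command.

# Config keys whose values git runs as commands. This list is the example's
# own assumption; the advisory does not name the settings involved.
EXEC_KEYS='^(core\.(hookspath|fsmonitor|sshcommand|pager|editor)|diff\.external|credential\.helper|filter\.[^=]*\.(clean|smudge|process)|diff\.[^=]*\.(textconv|command))='
SHELL_ALIAS='^alias\.[^=]*="?!'   # alias values starting with "!" run a shell

audit_git_dir() {
    gitdir="$1/.git"
    [ -d "$gitdir" ] || { echo "ERROR: $gitdir is not a directory" >&2; return 2; }

    # 1. Hooks: every file that is not a shipped *.sample template is reported,
    #    with a note on whether git would currently run it (executable bit).
    for hook in "$gitdir"/hooks/*; do
        [ -f "$hook" ] || continue
        case "$hook" in *.sample) continue ;; esac
        if [ -x "$hook" ]; then state=executable; else state=not-executable; fi
        echo "HOOK ${hook##*/} $state"
    done

    # 2. Config: flatten .git/config to section.key=value, then flag risky keys.
    [ -f "$gitdir/config" ] || return 0
    awk '
        /^[ \t]*[#;]/ { next }                       # comment line
        /^[ \t]*\[/ {                                # [section] or [section "name"]
            sec = $0
            sub(/^[ \t]*\[[ \t]*/, "", sec); sub(/[ \t]*\].*$/, "", sec)
            n = index(sec, " ")
            if (n == 0) { sec = tolower(sec); next }
            name = substr(sec, n + 1); gsub(/"/, "", name)
            sec = tolower(substr(sec, 1, n - 1)) "." name
            next
        }
        /=/ {                                        # key = value
            key = $0; sub(/[ \t]*=.*$/, "", key); sub(/^[ \t]*/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val)
            print sec "." tolower(key) "=" val
        }
    ' "$gitdir/config" | grep -E -e "$EXEC_KEYS" -e "$SHELL_ALIAS" | sed 's/^/CONFIG /'
    return 0
}
```

A finding is a prompt for review, not proof of tampering: many repositories legitimately set a pager, a credential helper or an LFS filter.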


What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade Cursor to version 2.5 or later, where this vulnerability has been fixed.

Additionally, ensure that the .git directory and its configuration files, including Git hooks, have proper permissions to prevent unauthorized write access.

Restrict high privileges and limit access to the environment where Cursor is running to reduce the risk of exploitation.

Regularly audit and monitor the .git configuration and hooks for unauthorized changes.

