CVE-2026-26268 HIGH

CVE-2026-26268: Cursor sandbox escape via Git hooks

Vendor Cursor
Product cursor
Weakness CWE-862 · Missing authorization
Published February 13, 2026
Last update February 13, 2026

CVSS base score

8.1/10
Attack vector Network
Attack complexity High
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Cursor is a code editor built for programming with AI. Sandbox escape via writing .git configuration was possible in versions prior to 2.5. A malicious agent (ie prompt injection) could write to improperly protected .git settings, including git hooks, which may cause out-of-sandbox RCE next time they are triggered. No user interaction was required as Git executes these commands automatically. Fixed in version 2.5.

Key dates

02Disclosure timeline

February 13, 2026 CVE published
February 13, 2026 Record updated