CyberRota
← Ana sayfaya dön

CVE-2026-48124

UNKNOWN · CVSS N/A EPSS %0.14 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-15T21:17:13.927 · Çekilme zamanı: 2026-06-30T18:22:33.193713+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-48124
Severity
UNKNOWN
CVSS
N/A
EPSS
%0.14

Orijinal NVD Açıklaması

Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute workspace-defined Claude hook commands from .claude/settings.local.json without dedicated user approval. A malicious workspace or agent-created file could configure hooks that run local commands in the user's context when an agent turn ends. This could allow sandbox escape, persistence across turns, local data access, or follow-on compromise. This issue has been fixed in version 3.0.0.