Critical Vulnerabilities Discovered in Google Gemini CLI and Cursor

A serious security flaw has been uncovered in both Google Gemini CLI and Cursor, two widely used developer tools. The vulnerability could potentially allow attackers to execute unauthorized commands or access sensitive data. According to a report from IT News on May 3, 2026, the issue affects the command-line interface of Google's Gemini AI model as well as Cursor, an AI-powered code editor. Users are urged to update their software immediately to mitigate risks. Details of the vulnerability are still emerging, but it is believed to stem from improper input handling. This discovery highlights ongoing security challenges in AI-assisted development platforms.