Two major remote code execution vulnerabilities have been disclosed and patched in GitHub and the Cursor IDE. GitHub’s CVE-2026-3854 allowed authenticated users to execute arbitrary commands via a ...