📦 Cursor
by Anysphere
⚠️ Known Vulnerabilities
This vulnerability in Cursor AI code editor allows attackers to execute shell built-ins without allowlist approval when the Cursor Agent runs in Auto-Run Mode with Allowlist mode enabled. Attackers ca...
Cursor code editor versions 1.17 through 1.2 contain a UI information disclosure vulnerability in the MCP deeplink handler that allows attackers to execute arbitrary system commands through social eng...
This CVE describes a sandbox escape vulnerability in Cursor code editor versions prior to 2.5. A malicious AI agent could write to improperly protected .git configuration files, potentially leading to...
A logic bug in Cursor AI code editor versions 1.7.23 and below allows malicious agents to bypass file protection mechanisms. Attackers who achieve prompt injection or use malicious AI models can creat...
This vulnerability in Cursor code editor allows attackers to execute arbitrary commands on a victim's system by tricking them into clicking a malicious deep link. The flaw bypasses security warnings a...
This vulnerability in Cursor AI code editor allows attackers to bypass path manipulation detection by using backslashes instead of forward slashes, enabling unauthorized overwriting of sensitive edito...
This CVE describes a path traversal vulnerability in Cursor AI code editor that allows attackers to bypass sensitive file protections via NTFS path quirks. When chained with prompt injection or malici...
This vulnerability in Cursor IDE allows attackers to bypass case-sensitive file protection checks on case-insensitive filesystems. By exploiting prompt injection, attackers can modify sensitive config...
This vulnerability allows remote code execution when users run Cursor CLI inside a malicious repository. Attackers can exploit permissive configuration settings and prompt injection via project-specif...
This vulnerability allows remote code execution in Cursor AI code editor versions 1.6 and below through manipulation of Visual Studio Code workspace files. Attackers who compromise the chat context (e...
Cursor code editor versions below 1.3.9 allow attackers to exploit indirect prompt injection to write malicious MCP configuration files without user approval, leading to remote code execution. This af...
This vulnerability allows attackers to bypass Cursor code editor's allowlist in auto-run mode using backtick (`) or $(cmd) syntax, enabling arbitrary command execution without user approval. Users who...
This vulnerability in Cursor code editor versions below 1.3 allows attackers to exfiltrate sensitive information via Mermaid diagram image rendering. Attackers can embed images that fetch data to exte...