103 matches found
CVE-2025-64106
Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the...
CVE-2025-64106
Cursor (code editor with AI) versions 1.7.28 and below contain an input validation flaw in the MCP server installation that allows specially crafted deep-links to bypass security warnings and execute attacker-specified commands when a user accepts the server connection. Affected component: the MC...
CVE-2025-64106 Cursor: Speedbump Modal Bypass in MCP Server Deep-Link
Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the...
CVE-2025-64106 Cursor: Speedbump Modal Bypass in MCP Server Deep-Link
Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the...
Cursor 操作系统命令注入漏洞
Cursor is an AI code editor from Cursor Open Source. An operating system command injection vulnerability exists in Cursor versions 1.7.28 and earlier, which stems from insufficient input validation during the MCP server installation process, and could lead to a specially crafted deep link bypassi...
PT-2025-45060
Name of the Vulnerable Software and Affected Versions Cursor versions 1.7.28 and below Description Cursor is a code editor designed for programming with AI. An input validation issue within Cursor’s MCP server installation allows maliciously crafted deep-links to circumvent standard security...
Nextcloud: Improper input validation On Exported deep-link handler crashes `FileDisplayActivity` on crafted external URL — Denial-of-Service
A vulnerability was discovered in the Nextcloud Android client application where improper input validation in the exported deep-link handler caused a null dereference in the FileDisplayActivity component. This resulted in an unhandled NullPointerException and application crash when the deep-link...
EUVD-2018-14346
Malware in sbrugna...
EUVD-2023-26626
Malicious code in bioql PyPI...
EUVD-2022-46028
Malicious code in bioql PyPI...
EUVD-2023-47014
Malicious code in bioql PyPI...
EUVD-2023-55941
Malicious code in bioql PyPI...
EUVD-2023-58773
Malicious code in bioql PyPI...
EUVD-2025-24941
Malicious code in bioql PyPI...
EUVD-2022-52933
Malicious code in bioql PyPI...
EUVD-2022-28206
Malicious code in bioql PyPI...
pentest_compilation
It is an offensive tool for Windows. The repository contains a compilation of commands, tips, and scripts used for penetration testing and red teaming exercises. The provided code snippet is an XML file named "detalle.SettingContent-ms" located in the "Phishing" directory. This file appears to be...
CVE-2025-50861
The Lotus Cars Android app com.lotus.carsdomestic.intl 1.2.8 contains an exported component, PushDeepLinkActivity, which is accessible without authentication via ADB or malicious apps. This poses a risk of unintended access to application internals and can cause denial of service or logic abuse...
CVE-2025-50861
The CVE-2025-50861 entry affects the Lotus Cars Android App (com.lotus.carsdomestic.intl) version 1.2.8, where the exported component PushDeepLinkActivity is accessible without authentication via ADB or malicious apps. This could allow unintended access to application internals and may lead to de...
Cursor 操作系统命令注入漏洞
Cursor is an AI code editor from Cursor open source. An operating system command injection vulnerability exists in Cursor versions 1.17 through 1.2, which stems from an information disclosure in the MCP deep link handler that could lead to arbitrary system command execution...