Lucene search
+L

103 matches found

NVD
NVD
added 2025/11/04 11:15 p.m.12 views

CVE-2025-64106

Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the...

8.8CVSS0.0036EPSS
Exploits0References1
CVE
CVE
added 2025/11/04 10:48 p.m.27 views

CVE-2025-64106

Cursor (code editor with AI) versions 1.7.28 and below contain an input validation flaw in the MCP server installation that allows specially crafted deep-links to bypass security warnings and execute attacker-specified commands when a user accepts the server connection. Affected component: the MC...

8.8CVSS6.9AI score0.0036EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/11/04 10:48 p.m.4 views

CVE-2025-64106 Cursor: Speedbump Modal Bypass in MCP Server Deep-Link

Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the...

8.8CVSS6AI score0.0036EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/04 10:48 p.m.3 views

CVE-2025-64106 Cursor: Speedbump Modal Bypass in MCP Server Deep-Link

Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the...

8.8CVSS6.9AI score0.0036EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.4 views

Cursor 操作系统命令注入漏洞

Cursor is an AI code editor from Cursor Open Source. An operating system command injection vulnerability exists in Cursor versions 1.7.28 and earlier, which stems from insufficient input validation during the MCP server installation process, and could lead to a specially crafted deep link bypassi...

8.8CVSS7.5AI score0.0036EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.8 views

PT-2025-45060

Name of the Vulnerable Software and Affected Versions Cursor versions 1.7.28 and below Description Cursor is a code editor designed for programming with AI. An input validation issue within Cursor’s MCP server installation allows maliciously crafted deep-links to circumvent standard security...

8.8CVSS7AI score0.0036EPSS
Exploits0References3
Hacker One
Hacker One
added 2025/10/24 9:41 p.m.10 views

Nextcloud: Improper input validation On Exported deep-link handler crashes `FileDisplayActivity` on crafted external URL — Denial-of-Service

A vulnerability was discovered in the Nextcloud Android client application where improper input validation in the exported deep-link handler caused a null dereference in the FileDisplayActivity component. This resulted in an unhandled NullPointerException and application crash when the deep-link...

5.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-14346

Malware in sbrugna...

7.8CVSS7.7AI score0.00787EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-26626

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-46028

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.24328EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-47014

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01173EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-55941

Malicious code in bioql PyPI...

9.6CVSS6.6AI score0.00523EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2023-58773

Malicious code in bioql PyPI...

7.1CVSS7.2AI score0.00222EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-24941

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00324EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-52933

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00538EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-28206

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00606EPSS
Exploits1References2
Gitee
Gitee
added 2025/09/14 5:35 p.m.105 views

pentest_compilation

It is an offensive tool for Windows. The repository contains a compilation of commands, tips, and scripts used for penetration testing and red teaming exercises. The provided code snippet is an XML file named "detalle.SettingContent-ms" located in the "Phishing" directory. This file appears to be...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/16 12:16 a.m.18 views

CVE-2025-50861

The Lotus Cars Android app com.lotus.carsdomestic.intl 1.2.8 contains an exported component, PushDeepLinkActivity, which is accessible without authentication via ADB or malicious apps. This poses a risk of unintended access to application internals and can cause denial of service or logic abuse...

6.5CVSS7.4AI score0.00324EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 12:0 a.m.22 views

CVE-2025-50861

The CVE-2025-50861 entry affects the Lotus Cars Android App (com.lotus.carsdomestic.intl) version 1.2.8, where the exported component PushDeepLinkActivity is accessible without authentication via ADB or malicious apps. This could allow unintended access to application internals and may lead to de...

6.5CVSS7.3AI score0.00324EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/02 12:0 a.m.5 views

Cursor 操作系统命令注入漏洞

Cursor is an AI code editor from Cursor open source. An operating system command injection vulnerability exists in Cursor versions 1.17 through 1.2, which stems from an information disclosure in the MCP deep link handler that could lead to arbitrary system command execution...

9.6CVSS7.4AI score0.00367EPSS
Exploits0References3
Rows per page
Query Builder