6 matches found
EUVD-2025-23407
Malicious code in bioql PyPI...
EUVD-2025-23408
Malicious code in bioql PyPI...
CVE-2025-54132
Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid, which is used to render diagrams, allows embedding images, which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker-controlled serve...
CVE-2025-54136 Cursor's Modification of MCP Server Definitions Bypasses Manual Re-approvals
Cursor is a code editor built for programming with AI. In versions 1.2.4 and below, attackers can achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine. Once a...
PT-2025-31700
Name of the Vulnerable Software and Affected Versions: Cursor versions prior to 1.3 Description: Cursor is a code editor built for programming with AI. Versions prior to 1.3 allow embedding images through Mermaid, a diagram rendering tool. This can be exploited to exfiltrate sensitive information t...
PT-2025-31699 · Cursor · Cursor
Name of the Vulnerable Software and Affected Versions: Cursor versions prior to 1.3 Description: Cursor, a code editor built for programming with AI, allows an attacker to bypass the allow list in auto-run mode using a backtick or $cmd. This bypass enables arbitrary command execution outside of t...