Lucene search
K
AnysphereCursor

21 matches found

CVE
CVE
added 2026/06/25 6:47 p.m.123 views

CVE-2026-50549

Cursor before version 3.0 contains a sandbox escape: if path canonicalization fails, a write can be redirected via an in-workspace symlink to arbitrary locations outside the workspace, enabling non-sandboxed Remote Code Execution under the user’s privileges. Affected: Cursor editor (pre-3.0) with...

9.8CVSS6.2AI score0.00638EPSS
CVE
CVE
added 2026/06/25 6:47 p.m.95 views

CVE-2026-50548

Technical details about CVE-2026-50548 are not publicly available in the provided documents. Monitor for updates to obtain affected products, root cause specifics, impact, and remediation.

9.8CVSS6.2AI score0.00637EPSS
CVE
CVE
added 2025/08/05 12:11 a.m.75 views

CVE-2025-54135

Cursor before v1.3.9 allows prompt-injection via MCP MCP server data to auto-run and write to ~/.cursor/mcp.json, enabling RCE when processing external content. Affected: Cursor AI code editor (Cursor) in-workspace file writes without user approval; dotfiles require approval but new dotfiles do n...

9.8CVSS6.7AI score0.01708EPSS
CVE
CVE
added 2025/08/01 11:8 p.m.61 views

CVE-2025-54136

Cursor is an AI code editor where CVE-2025-54136 affects versions

8.8CVSS8.4AI score0.07598EPSS
Web
CVE
CVE
added 2026/01/14 4:43 p.m.53 views

CVE-2026-22708

CVE-2026-22708 affects Cursor (AI-enhanced code editor). Prior to version 2.3, when the Cursor Agent runs in Auto-Run mode with Allowlist enabled, certain shell built-ins can be executed without appearing in the allowlist or requiring user approval. This enables an attacker to perform indirect or...

9.8CVSS7AI score0.00537EPSS
CVE
CVE
added 2025/08/01 11:7 p.m.42 views

CVE-2025-54133

CVE-2025-54133 affects Cursor (code editor with AI features). The vulnerability lies in the MCP (Model Context Protocol) deeplink handler, where clicking a malicious cursor://anysphere.cursor-deeplink/mcp/install link can lead to execution of a full system command without showing the arguments in...

9.6CVSS7.6AI score0.00329EPSS
CVE
CVE
added 2025/08/01 11:5 p.m.39 views

CVE-2025-54132

CVE-2025-54132 affects Cursor’s Mermaid-based diagram tool prior to version 1.3. An attacker can trigger prompt injections to cause Mermaid-rendered images to fetch data to a remote attacker-controlled server, enabling exfiltration of sensitive information. The issue is fixed in version 1.3; upgr...

7.5CVSS7.3AI score0.00338EPSS
CVE
CVE
added 2025/08/05 12:12 a.m.35 views

CVE-2025-54130

CVE-2025-54130 (Cursor) affects Cursor, a code editor with AI features. In versions

9.8CVSS6.7AI score0.00262EPSS
CVE
CVE
added 2025/10/03 8:15 p.m.33 views

CVE-2025-59944

Cursor IDE versions 1.6.23 and earlier are affected by a vulnerability in how sensitive files are protected (notably /.cursor/mcp.json). The issue arises from case-sensitive checks that can be bypassed, allowing an attacker to modify sensitive files via prompt injection and achieve remote code ex...

9.8CVSS7.8AI score0.00337EPSS
CVE
CVE
added 2026/02/13 4:54 p.m.33 views

CVE-2026-26268

CVE-2026-26268 (Cursor) affects Cursor, a code editor with AI features. The bug allows a sandbox escape by writing to improperly protected .git configuration, including git hooks, enabling out-of-sandbox remote code execution when triggered by Git operations. The issue exists in versions prior to...

9.9CVSS5.7AI score0.0049EPSS
CVE
CVE
added 2025/10/03 4:27 p.m.31 views

CVE-2025-61590

Cursor (editor) versions ≤1.6 are vulnerable to remote code execution via Visual Studio Code Workspaces. The attack involves hijacking the user’s chat context to prompt-inject and modify .code-workspace/settings, enabling RCE by writing to the workspace settings. The issue is fixed in version 1.7...

7.5CVSS7AI score0.00485EPSS
CVE
CVE
added 2025/11/04 11:24 p.m.31 views

CVE-2025-64110

CVE-2025-64110 affects Cursor: code editor for AI-assisted programming. A logic bug in versions 1.7.23 and earlier allows a malicious agent with prompt-injection access to read files protected by cursorignore, by creating a new cursorignore file that can invalidate existing configurations. The is...

8.7CVSS6.4AI score0.00356EPSS
CVE
CVE
added 2025/08/01 11:5 p.m.30 views

CVE-2025-54131

Cursor before v1.3 is vulnerable: an attacker can bypass the auto-run allow list using a backtick (`) or $(cmd) to execute arbitrary commands outside the allowlist, especially if the user has switched to an allowlist setting. The issue can be triggered via indirect prompt injection and is fixed i...

8.8CVSS8.2AI score0.0048EPSS
CVE
CVE
added 2025/10/03 4:44 p.m.29 views

CVE-2025-61591

Cursor is an AI-enabled code editor. CVE-2025-61591 affects Cursor versions 1.7 and below, where OAuth authentication with an untrusted MCP server allows an attacker to impersonate the MCP server and inject crafted commands during the interaction, leading to command injection and potential remote...

8.8CVSS9AI score0.01094EPSS
CVE
CVE
added 2025/10/03 5:28 p.m.28 views

CVE-2025-61593

CVE-2025-61593 affects Cursor, specifically Cursor CLI Agent in Cursor editor versions ≤ 1.7. The vulnerability stems from inadequate protection of sensitive files (e.g., /.cursor/cli.json ), allowing an attacker to inject prompts that modify these files, which can lead to remote code execution. ...

8.8CVSS7.8AI score0.00381EPSS
Web
CVE
CVE
added 2025/10/03 5:23 p.m.25 views

CVE-2025-61592

Cursor CLI (versions ≤ 1.7) is vulnerable to Remote Code Execution via automatic loading of project-specific CLI configuration from /.cursor/cli.json that can override global settings. The underlying issue is permissive configuration combined with prompt injection delivered through project rules ...

8.8CVSS7.4AI score0.00421EPSS
Web
CVE
CVE
added 2025/11/04 10:48 p.m.21 views

CVE-2025-64106

Cursor (code editor with AI) versions 1.7.28 and below contain an input validation flaw in the MCP server installation that allows specially crafted deep-links to bypass security warnings and execute attacker-specified commands when a user accepts the server connection. Affected component: the MC...

8.8CVSS6.9AI score0.0036EPSS
CVE
CVE
added 2026/03/11 5:11 p.m.21 views

CVE-2026-31854

Cursor is a code editor for programming with AI. Prior to 2.0, if a visited website contains malicious instructions, the model may follow them to “assist” the user. When combined with a bypass of the command whitelist, indirect prompt injections could cause automatic command execution without use...

8.8CVSS5.8AI score0.00276EPSS
CVE
CVE
added 2025/10/03 6:48 a.m.20 views

CVE-2025-61589

CVE-2025-61589 affects Cursor: in versions 1.6 and earlier, Mermaid diagram rendering can embed images that are rendered in the chat box, enabling an attacker to exfiltrate sensitive information to a third‑party server via an image fetch after a prompt injection. The issue requires malicious inpu...

5.9CVSS6.7AI score0.00274EPSS
CVE
CVE
added 2025/11/04 10:51 p.m.17 views

CVE-2025-64107

CVE-2025-64107 affects Cursor (open-source AI code editor). Versions 1.7.52 and earlier are vulnerable to path manipulation allowing RCE on Windows due to incomplete detection of backslash-based path operations, unlike the forward-slash checks that require approval. An attacker with prior control...

8.8CVSS6.7AI score0.00349EPSS
Web
CVE
CVE
added 2025/11/04 10:58 p.m.15 views

CVE-2025-64108

Cursor is an AI-assisted code editor with a vulnerability in versions 1.7.44 and below. The issue arises from NTFS path quirks that permit a prompt-injection attacker to bypass file protections and overwrite files that normally require human approval. Modifications to protected files can lead to ...

8.8CVSS6.8AI score0.00442EPSS