Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

cursor — Vulnerabilities & Security Advisories 22

Browse all 22 CVE security advisories affecting cursor. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by cursor:cursor
CVE IDTitleCVSSSeverityPublished
CVE-2026-31854 Cursor Affected by Arbitrary Code Execution via Prompt Injection and Whitelist Bypass — cursorCWE-78 8.8AIHighAI2026-03-11
CVE-2026-26268 Cursor sandbox escape via Git hooks — cursorCWE-862 8.1 High2026-02-13
CVE-2026-22708 Cursor has a Terminal Tool Allowlist Bypass via Environment Variables — cursorCWE-15 9.1AICriticalAI2026-01-14
CVE-2025-62354 Cursor 安全漏洞 — cursorCWE-78 9.8 Critical2025-11-26
CVE-2025-64110 Cursor: Authentication Bypass Possible via New Cursorignore Write — cursorCWE-284 6.5AIMediumAI2025-11-04
CVE-2025-64109 Cursor CLI Beta: Command Injection via Untrusted MCP Configuration — cursorCWE-78 8.8 High2025-11-04
CVE-2025-64108 Cursor's Sensitive File Modification can Lead to NTFS Path Quirks — cursorCWE-22 8.8 High2025-11-04
CVE-2025-64107 Cursor is Vulnerable to Path Manipulation Using Backslashes on Windows — cursorCWE-22 8.8 High2025-11-04
CVE-2025-64106 Cursor: Speedbump Modal Bypass in MCP Server Deep-Link — cursorCWE-78 8.8 High2025-11-04
CVE-2025-59944 Cursor IDE: Sensitive File Overwrite Bypass is Possible — cursorCWE-178 8.1 High2025-10-03
CVE-2025-61593 Cursor CLI Agent: Sensitive File Overwrite Bypass — cursorCWE-178 7.1 High2025-10-03
CVE-2025-61592 Cursor CLI: Arbitrary Code Execution Possible through Permissive CLI Config — cursorCWE-829 8.8 High2025-10-03
CVE-2025-61591 Cursor CLI's Cursor Agent MCP OAuth2 Communication is Vulnerable to Remote Code Execution — cursorCWE-78 8.8 High2025-10-03
CVE-2025-61590 Cursor is vulnerable to RCE via .code-workspace files using Prompt Injection — cursorCWE-94 7.5 High2025-10-03
CVE-2025-61589 Cursor: Potential Information Leakage via Mermaid Diagram — cursorCWE-200 5.9 Medium2025-10-03
CVE-2025-9190 TCC Bypass via misconfigured Node fuses in Cursor — CursorCWE-276 7.3AIHighAI2025-08-26
CVE-2025-54130 Cursor Agent is vulnerable prompt injection via Editor Special Files — cursorCWE-285 7.5 High2025-08-05
CVE-2025-54135 Cursor Agent is vulnerable to prompt injection via MCP Special Files — cursorCWE-78 8.6 High2025-08-05
CVE-2025-54136 Cursor's Modification of MCP Server Definitions Bypasses Manual Re-approvals — cursorCWE-78 7.2 High2025-08-01
CVE-2025-54133 Cursor's MCP Install Deeplink Does Not Show Arguments in its User-Dialog — cursorCWE-78 8.1 -2025-08-01
CVE-2025-54132 Cursor's Mermaid Diagram Tool is Vulnerable to an Arbitrary Image Fetch — cursorCWE-918 4.4 Medium2025-08-01
CVE-2025-54131 Cursor bypasses its allow list to execute arbitrary commands — cursorCWE-77 6.4 Medium2025-08-01

This page lists every published CVE security advisory associated with cursor. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.