Anysphere Cursor

21 CVEs affecting Anysphere Cursor. Latest disclosed: 2026-06-25. Critical: 4, High: 14.

Top CVEs affecting Anysphere Cursor
| CVE | Severity | Score | Published | Summary |
| --- | --- | --- | --- | --- |
| CVE-2026-50549 | Critical | 9.8 | 2026-06-25 | Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default. Before a Write, the agent can… |
| CVE-2026-50548 | Critical | 9.8 | 2026-06-25 | Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default, and the sandbox grants write… |
| CVE-2026-22708 | Critical | 9.8 | 2026-01-14 | Cursor is a code editor built for programming with AI. Prior to 2.3, when the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shel… |
| CVE-2025-54133 | Critical | 9.6 | 2025-08-02 | Cursor is a code editor built for programming with AI. In versions 1.17 through 1.2, there is a UI information disclosure vulnerability in Cursor's MCP (Model… |
| CVE-2026-31854 | High | 8.8 | 2026-03-11 | Cursor is a code editor built for programming with AI. Prior to 2.0, if a visited website contains maliciously crafted instructions, the model may attempt to f… |
| CVE-2025-64108 | High | 8.8 | 2025-11-04 | Cursor is a code editor built for programming with AI. In versions 1.7.44 and below, various NTFS path quirks allow a prompt injection attacker to circumvent s… |
| CVE-2025-64107 | High | 8.8 | 2025-11-04 | Cursor is a code editor built for programming with AI. In versions 1.7.52 and below, manipulating internal settings may lead to RCE. Cursor detects path manipu… |
| CVE-2025-64106 | High | 8.8 | 2025-11-04 | Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables speci… |
| CVE-2025-61592 | High | 8.8 | 2025-10-03 | Cursor is a code editor built for programming with AI. In versions 1.7 and below, automatic loading of project-specific CLI configuration from the current work… |
| CVE-2025-61591 | High | 8.8 | 2025-10-03 | Cursor is a code editor built for programming with AI. In versions 1.7 and below, when MCP uses OAuth authentication with an untrusted MCP server, an attacker… |
| CVE-2025-54135 | High | 8.5 | 2025-08-05 | Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions below 1.3.9. If the file is a… |
| CVE-2026-26268 | High | 8.0 | 2026-02-13 | Cursor is a code editor built for programming with AI. Sandbox escape via writing .git configuration was possible in versions prior to 2.5. A malicious agent (… |
| CVE-2025-59944 | High | 8.0 | 2025-10-03 | Cursor is a code editor built for programming with AI. Versions 1.6.23 and below contain case-sensitive checks in the way Cursor IDE protects its sensitive fil… |
| CVE-2025-64110 | High | 7.5 | 2025-11-05 | Cursor is a code editor built for programming with AI. In versions 1.7.23 and below, a logic bug allows a malicious agent to read sensitive files that should b… |
| CVE-2025-61590 | High | 7.5 | 2025-10-03 | Cursor is a code editor built for programming with AI. Versions 1.6 and below are vulnerable to Remote Code Execution (RCE) attacks through Visual Studio Code… |
| CVE-2025-54130 | High | 7.5 | 2025-08-05 | Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions less than 1.3.9. If the file… |
| CVE-2025-54136 | High | 7.2 | 2025-08-02 | Cursor is a code editor built for programming with AI. In versions 1.2.4 and below, attackers can achieve remote and persistent code execution by modifying an… |
| CVE-2025-61593 | High | 7.1 | 2025-10-03 | Cursor is a code editor built for programming with AI. In versions 1.7 and below, a vulnerability in the way Cursor CLI Agent protects its sensitive files (i.e… |
| CVE-2025-54131 | Medium | 6.4 | 2025-08-01 | Cursor is a code editor built for programming with AI. In versions below 1.3, an attacker can bypass the allow list in auto-run mode with a backtick (`) or $(c… |
| CVE-2025-61589 | Medium | 5.9 | 2025-10-03 | Cursor is a code editor built for programming with AI. In versions 1.6 and below, Mermaid (a to render diagrams) allows embedding images which then get rendere… |