mindgard.ai
Cursor IDE Vulnerability Enables Malicious Code Execution via Poisoned Repositories
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A critical vulnerability in Cursor, an AI-assisted development environment, allows arbitrary code execution when a developer opens a project containing a malicious 'git.exe' file in the repository root. Discovered by Mindgard on December 15, 2025, the flaw remains unpatched despite multiple disclosures over six months. The vulnerability affects over 7 million active users and can be exploited without user interaction, leading to potential unauthorized code execution with developer privileges. Mindgard's attempts to engage Cursor for resolution have been met with silence, prompting the release of full details to inform affected organizations. Temporary mitigations include using AppLocker on managed systems and isolating untrusted repositories in virtual environments. The lack of response from Cursor raises concerns about user safety and security practices.
Key Points: • Cursor IDE's vulnerability allows execution of malicious binaries without user interaction. • Over 7 million users are at risk, as the flaw remains unpatched despite disclosures since December 2025. • Mindgard's attempts to engage Cursor for a fix have been ignored, prompting full public disclosure.