mindgard.ai
Cursor IDE Vulnerability Allows Malicious Code Execution via Poisoned Repositories
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A critical vulnerability in the Cursor IDE allows for the automatic execution of malicious binaries when developers open projects containing a poisoned 'git.exe' file. Discovered by Mindgard on December 15, 2025, the flaw remains unaddressed despite multiple disclosures to Cursor. The vulnerability affects over 7 million active users and can be exploited effortlessly, granting attackers code execution with the developer's privileges. Users are advised to open untrusted repositories only in isolated environments until a patch is released. Mindgard's attempts to engage with Cursor have been met with silence, prompting a public disclosure of the vulnerability. The lack of response from Cursor raises significant concerns about user safety and security practices.
Key Points: • Cursor IDE vulnerability allows execution of malicious binaries from poisoned repositories. • Over 7 million users are at risk due to the unaddressed vulnerability reported since December 2025. • Users are advised to isolate untrusted repositories until a fix is implemented.