Cursor IDE Vulnerability Enables Malicious Code Execution via Poisoned Repositories

Cursor IDE Vulnerability Enables Malicious Code Execution via Poisoned Repositories

First seen 14 Jul 2026, 19:58 UTC Darkreadingmindgard.ai 87% similarity 69.0

Article Content

Browse articles
ThreatCluster

A critical vulnerability in Cursor, an AI-assisted development environment, allows arbitrary code execution when a developer opens a project containing a malicious 'git.exe' file in the repository root. Discovered by Mindgard on December 15, 2025, the flaw remains unpatched despite multiple disclosures over six months. The vulnerability affects over 7 million active users and can be exploited without user interaction, leading to potential unauthorized code execution with developer privileges. Mindgard's attempts to engage Cursor for resolution have been met with silence, prompting the release of full details to inform affected organizations. Temporary mitigations include using AppLocker on managed systems and isolating untrusted repositories in virtual environments. The lack of response from Cursor raises concerns about user safety and security practices.

Key Points: • Cursor IDE's vulnerability allows execution of malicious binaries without user interaction. • Over 7 million users are at risk, as the flaw remains unpatched despite disclosures since December 2025. • Mindgard's attempts to engage Cursor for a fix have been ignored, prompting full public disclosure.

ThreatCluster AI

Timeline

2025-12-15
Vulnerability discovered
Mindgard identified a critical vulnerability in Cursor allowing arbitrary code execution via poisoned repositories.
mindgard.ai
2026-07-14
Public disclosure of vulnerability details
Mindgard released full details of the Cursor vulnerability after seven months of silence from the vendor.
Darkreading
2026-07-14
Cursor IDE remains unpatched
Despite multiple reports, the vulnerability persists in the latest version of Cursor, endangering users.
mindgard.ai

Community

Browse all →