
Cursor Vulnerability Allows Rogue Extensions to Steal API Keys

Severity: High (Score: 69.0)

Sources: layerxsecurity.com, Infosecurity-Magazine

Summary

LayerX security researchers have identified a high-severity vulnerability in the Cursor AI development tool, where installed extensions can access sensitive API keys and session tokens without user interaction. The flaw arises from Cursor's use of an unprotected local SQLite database to store these credentials, which allows any extension to query the database directly, regardless of permissions. This vulnerability has been assigned a CVSS score of 8.2, indicating a significant risk of credential compromise. LayerX reported the issue to Cursor, which acknowledged it but stated that users must define their own trust boundaries. As of April 28, 2026, the vulnerability remains unaddressed. Attackers can exploit this flaw by creating seemingly benign extensions that, once installed, can silently exfiltrate sensitive data. The potential impact includes unauthorized access to third-party services, financial loss, and data theft. This situation highlights ongoing challenges in securing extensible development platforms.

Key Points:

  • Cursor's vulnerability allows any installed extension to access sensitive API keys.
  • The flaw is due to unprotected local storage of credentials in a SQLite database.
  • LayerX assigned the vulnerability a CVSS score of 8.2, and it remains unpatched.

Key Entities

  • Data Breach (attack_type)
  • Cursor (company)
  • LayerX (company)
  • Anthropic (company)
  • Google (company)
  • OpenAI (company)
  • CWE-200 - Exposure of Sensitive Information (cwe)
  • CWE-862 - Missing Authorization (cwe)
  • T1003 - OS Credential Dumping (mitre_attack)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1567.002 - Exfiltration to Cloud Storage (mitre_attack)