Security · 1h ago
Cursor IDE Flaw Lets Repos Run Arbitrary Code on Windows
A vulnerability in Cursor IDE on Windows automatically executes a git.exe file placed in a cloned repository's root, with no user prompt. The malicious binary runs with the user's privileges, accessing source code, SSH keys, and cloud tokens. Cursor repeatedly re-executes the file as long as the project remains open.
Meridian48 take
This is a severe supply-chain risk for developers using Cursor, as simply cloning a repository can lead to full compromise without any user interaction.
Read the full reporting
Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution →
The Hacker News
cursor-idecode-execution