Hasty Briefsbeta

Bilingual

Cursor 0day: When Full Disclosure Becomes the Only Protection Left

5 hours ago
  • #security
  • #vulnerability
  • #cursor-ide
  • Cursor IDE automatically executes a malicious git.exe from repository root without user interaction, leading to arbitrary code execution.
  • Vulnerability identified December 2025, reported multiple times but remains unfixed after over 6 months and 197+ versions, with minimal vendor response.
  • Mitigations include AppLocker policies for enterprises and using isolated environments for consumers until patched.
  • Proof-of-concept demonstrated with Windows Calculator renamed to git.exe, showing repeated automatic execution.
  • Lack of communication from Cursor raises concerns about security processes and accountability in AI-assisted development tools.