Vulnerabilidades en cursor
23 resultadosCVE-2025-54136HIGHCursor's Modification of MCP Server Definitions Bypasses Manual Re-approvalsEPSS 7.5%CVE-2025-54135HIGHCursor Agent is vulnerable to prompt injection via MCP Special FilesEPSS 1.7%CVE-2025-62354CRITICALImproper neutralization of special elements used in an OS command ('command injection') in Cursor allows an unauthorized attacker to executeEPSS 1.2%CVE-2025-61591HIGHCursor CLI's Cursor Agent MCP OAuth2 Communication is Vulnerable to Remote Code ExecutionEPSS 1.1%CVE-2026-22708HIGHCursor has a Terminal Tool Allowlist Bypass via Environment VariablesEPSS 0.5%CVE-2026-26268HIGHCursor sandbox escape via Git hooksEPSS 0.5%CVE-2025-61590HIGHCursor is vulnerable to RCE via .code-workspace files using Prompt InjectionEPSS 0.5%CVE-2025-54131MEDIUMCursor bypasses its allow list to execute arbitrary commandsEPSS 0.5%CVE-2025-64109HIGHCursor CLI Beta: Command Injection via Untrusted MCP ConfigurationEPSS 0.4%CVE-2025-61592HIGHCursor CLI: Arbitrary Code Execution Possible through Permissive CLI ConfigEPSS 0.4%CVE-2025-64108HIGHCursor's Sensitive File Modification can Lead to NTFS Path QuirksEPSS 0.4%CVE-2025-61593HIGHCursor CLI Agent: Sensitive File Overwrite BypassEPSS 0.4%CVE-2025-59944HIGHCursor IDE: Sensitive File Overwrite Bypass is PossibleEPSS 0.3%CVE-2025-64110HIGHCursor: Authentication Bypass Possible via New Cursorignore WriteEPSS 0.3%CVE-2025-64106HIGHCursor: Speedbump Modal Bypass in MCP Server Deep-LinkEPSS 0.3%CVE-2025-54132MEDIUMCursor's Mermaid Diagram Tool is Vulnerable to an Arbitrary Image FetchEPSS 0.3%CVE-2025-54133MEDIUMCursor's MCP Install Deeplink Does Not Show Arguments in its User-DialogEPSS 0.3%CVE-2025-64107HIGHCursor is Vulnerable to Path Manipulation Using Backslashes on WindowsEPSS 0.3%CVE-2026-31854HIGHCursor Affected by Arbitrary Code Execution via Prompt Injection and Whitelist BypassEPSS 0.3%CVE-2025-61589MEDIUMCursor: Potential Information Leakage via Mermaid DiagramEPSS 0.3%