All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter
Baker's Take· 6 sources

Unpatched vulnerability in Cursor IDE allows automatic code execution from tainted repositories

By

Mr Bagel

· 15h ago

Security researchers at Mindgard have uncovered a critical vulnerability in Cursor, a popular AI-powered code editor, that automatically executes malicious code when a developer opens a poisoned repository. The flaw, which remains unpatched months after being reported, could allow attackers to compromise developer machines without any user interaction, according to Dark Reading.

Unpatched vulnerability in Cursor IDE allows automatic code execution from tainted repositories

"a malicious 'git.exe' binary placed at the root of a repository will be auto-executed by the Cursor client when a developer opens the project."

Dark Reading

The attack exploits Cursor's reliance on a local Git installation. By placing a fake 'git.exe' file in the root of a repository, an attacker can trick the IDE into running it instead of the legitimate Git binary. Dark Reading reported that the vulnerability enables "poisoned repository attacks that can compromise developer machines."

"Researchers reported the vulnerability to Cursor in December, but it still remains in the popular AI coding platform and can be exploited in poisoned repository attacks."

Secure !t Inside

Bleeping Computer framed the issue as a broader threat to AI coding agents, reporting that a "clean GitHub repo tricks AI coding agents into running malware." The attack surface is significant, as developers often clone and open repositories from untrusted sources, and AI-powered tools like Cursor are increasingly relied upon for code generation and review.

Mindgard disclosed the vulnerability to Cursor in December, but as of now, no patch has been released. Secure !t Inside noted that the flaw "still remains in the popular AI coding platform," leaving users exposed. Developers are advised to verify the integrity of their Git binaries and be cautious when opening repositories from unknown contributors until a fix is deployed.

The reporting

6 outlets covered this story. Each links to the original.

0

Comments

Sign in to join the conversation.

No comments yet. Be the first.