cursor News Articles
Recent news articles refferecing the vendors vulnerabilities.
Cyber PressCVE-2025-54136New 'MCPoison' Attack Exploits Cursor IDE Validation to Run Arbitrary System Commands
Security researchers from Check Point have disclosed a critical vulnerability in Cursor IDE that allows attackers to achieve persistent remote code execution through a Model Context Protocol (MCP) trust bypass mechanism. The flaw, designated CVE-2025-54136, exploits the IDE’s one-time approval syste...
GBHackers NewsCVE-2025-54136MCPoison Attack Abuses Cursor IDE to Run Arbitrary System Commands
Cybersecurity researchers have uncovered a critical vulnerability in Cursor IDE that allows attackers to execute arbitrary system commands through a sophisticated trust bypass mechanism, potentially compromising developer workstations across collaborative coding environments. Check Point Research di...
Cyber PressCVE-2025-54135Cursor IDE Vulnerability Allows Remote Code Execution Without User Interaction - Cyber Security News
Security researchers at Aim Labs have uncovered a high-severity vulnerability dubbed “CurXecute” in the widely used Cursor IDE, enabling attackers to achieve full remote code execution through a sophisticated prompt injection attack. The vulnerability, tracked as CVE-2025-54135 with a severity ratin...
Cursor flaw risks RCE from prompt injections on MCP server, researchers say
An attacker could cause Cursor to make changes to the mcp.json configuration file, says Aim Security.