Unauthorized File Creation Vulnerability in Cursor Code Editor by Cursor
CVE-2025-54135

8.6 HIGH

Key Information:

Vendor: Cursor
Status: Vendor
CVE Published: 5 August 2025

Badges

📈 Trended · 📈 Score: 1,290 · 👾 Exploit Exists · 🟡 Public PoC · 📰 News Worthy

What is CVE-2025-54135?

CVE-2025-54135 is a vulnerability identified in the Cursor code editor, a platform designed for programming in conjunction with AI tools. It stems from an unauthorized file creation issue in versions prior to 1.3.9, which allowed the application to write workspace files without requiring user consent. Specifically, while editing an existing dotfile required approval, creating a new dotfile did not pass through this safeguard. An attacker could use indirect prompt injection to have the editor write sensitive configuration files such as .cursor/mcp.json without the user's consent. Such a write could ultimately result in remote code execution (RCE) on the user's system, posing severe risks to organizational integrity and security.
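The approval gap described above, reconstructed as a small added example that is not Cursor's code: a hypothetical consent gate that only prompts when an existing dotfile would be modified lets a new `.cursor/mcp.json` be created silently, while a gate keyed on the path alone asks for consent on creation as well. All function names and the workspace layout are assumptions for illustration.

```python
import os
import tempfile
from pathlib import PurePosixPath


def is_dotfile_path(rel_path: str) -> bool:
    """True if any component of the workspace-relative path starts with '.'
    (e.g. '.cursor/mcp.json', '.env', 'src/.hidden')."""
    return any(part.startswith(".") for part in PurePosixPath(rel_path).parts)


def needs_approval_vulnerable(workspace: str, rel_path: str) -> bool:
    """Hypothetical pre-1.3.9-style gate: consent is demanded only when an
    *existing* dotfile would be modified, so creating a new dotfile such as
    .cursor/mcp.json never triggers the prompt."""
    return is_dotfile_path(rel_path) and os.path.exists(os.path.join(workspace, rel_path))


def needs_approval_fixed(workspace: str, rel_path: str) -> bool:
    """Hardened gate: any write to a dotfile path, whether the file already
    exists or not, requires explicit user consent."""
    return is_dotfile_path(rel_path)


def agent_write(workspace, rel_path, content, gate, approve) -> bool:
    """Simulated agent write path: consult `gate`, call `approve(path)` when it
    fires, and write only if allowed. Returns True when the file was written."""
    if gate(workspace, rel_path) and not approve(rel_path):
        return False
    full = os.path.join(workspace, rel_path)
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "w") as fh:
        fh.write(content)
    return True


def demo() -> dict:
    """Run both gates with a user who denies every prompt, in fresh temp workspaces.
    Constructed content: an empty JSON object stands in for an MCP config."""
    deny = lambda path: False
    results = {}
    for name, gate in (("vulnerable", needs_approval_vulnerable), ("fixed", needs_approval_fixed)):
        with tempfile.TemporaryDirectory() as ws:
            # Creating a brand-new dotfile: only the fixed gate prompts (and is denied).
            results[name + "_new_dotfile"] = agent_write(ws, ".cursor/mcp.json", "{}", gate, deny)
            # Editing an existing dotfile: both gates prompt, so both writes are denied.
            open(os.path.join(ws, ".env"), "w").close()
            results[name + "_existing_dotfile"] = agent_write(ws, ".env", "X=1", gate, deny)
            # Ordinary source file: neither gate prompts.
            results[name + "_plain_file"] = agent_write(ws, "README.md", "# hi", gate, deny)
    return results
```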

Potential impact of CVE-2025-54135

  1. Unauthorized File Manipulation: Attackers could create sensitive configuration files without user consent, compromising the integrity of the workspace and potentially exposing the user to further vulnerabilities.

  2. Remote Code Execution: By leveraging the unauthorized file creation capability, threat actors could execute arbitrary code on the victim's machine, leading to system compromise and unauthorized control over affected devices.

  3. Increased Attack Surface: The ease of exploiting this vulnerability expands the risk landscape for organizations, potentially allowing broader access for malicious actors, especially if other vulnerabilities present in the environment are exploited in conjunction.

Affected Version(s)

cursor < 1.3.9

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

News Articles

Cursor IDE Vulnerability Allows Remote Code Execution Without User Interaction - Cyber Security News

Security researchers at Aim Labs have uncovered a high-severity vulnerability dubbed “CurXecute” in the widely used Cursor IDE, enabling attackers to achieve full remote code execution through a sophisticated prompt injection attack. The vulnerability, tracked as CVE-2025-54135 with a severity ratin...

4 days ago

Cursor flaw risks RCE from prompt injections on MCP server, researchers say

An attacker could cause Cursor to make changes to the mcp.json configuration file, says Aim Security.

4 days ago

References

CVSS V3.1

Score: 8.6
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • 🟡 Public PoC available
  • 👾 Exploit known to exist
  • 📈 Vulnerability started trending
  • Vulnerability published
  • 📰 First article discovered by SC Media
