Remote Code Execution Vulnerability in Cursor Code Editor by Cursor
CVE-2025-61590

7.5 HIGH

Key Information:

Vendor: Cursor

Status
Vendor
CVE Published: 3 October 2025

What is CVE-2025-61590?

Cursor, an AI-focused code editor, is susceptible to remote code execution because of the way it handles Visual Studio Code Workspaces. In versions up to 1.6, attackers can exploit the settings files associated with a workspace, particularly when the user has an untitled workspace active. An attacker can potentially manipulate the editor's behavior by injecting commands into the user's chat context. An attacker who successfully hijacks this context can carry out prompt injections that alter workspace settings, which may lead to unauthorized code execution. Cursor addressed the issue in version 1.7. Users are strongly advised to upgrade to the latest version to keep their development environments secure.

Affected Version(s)

cursor < 1.7

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
