Remote Code Execution in Cursor Code Editor for Windows by Cursor
CVE-2025-64107
8.8 HIGH
What is CVE-2025-64107?
In the Cursor Code Editor, versions up to 1.7.52 are vulnerable to remote code execution because path manipulation that uses backslashes is not detected properly. The editor correctly identifies attacks that use forward slashes, but it does not apply the same scrutiny to backslashes, which Windows also accepts as a path separator. This allows an attacker who already has some control over the system to overwrite sensitive files without user approval. The flaw is particularly concerning for Windows users and is addressed in version 2.0.
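The class of check described above can be illustrated with an added example (not Cursor's code): a path gate that applies POSIX rules only, next to one that resolves the path with Windows rules before comparing. The protected entries, the workspace root and the function names are assumptions made for the illustration.

```javascript
const path = require("node:path");

// Hypothetical protected entries, relative to the workspace root (assumed names).
const PROTECTED = [".editor/config.json", ".editor/hooks"];

function matchesProtected(key) {
  return PROTECTED.some((p) => key === p || key.startsWith(p + "/"));
}

// Flawed gate: POSIX rules only, so "\" is an ordinary filename character here,
// even though Windows treats it as a separator when the write actually happens.
function naiveNeedsApproval(requested) {
  return matchesProtected(path.posix.normalize(requested));
}

// Hardened gate: resolve with Windows rules, where both "/" and "\" separate
// segments, then compare a canonical, case-folded, workspace-relative key.
function needsApproval(root, requested) {
  const abs = path.win32.resolve(root, requested);
  const rel = path.win32.relative(root, abs);
  // Anything resolving outside the workspace (or onto another drive) is gated.
  if (rel === ".." || rel.startsWith("..\\") || path.win32.isAbsolute(rel)) {
    return true;
  }
  const key = rel.split("\\").join("/").toLowerCase();
  return matchesProtected(key);
}

// Constructed sample inputs (not taken from the advisory).
const ROOT = "C:\\work\\proj";
const SAMPLES = [
  ".editor/config.json",          // forward slashes: both gates catch it
  ".editor\\config.json",         // backslashes: only the hardened gate catches it
  "src/..\\.Editor/CONFIG.json",  // mixed separators, "..", and case differences
  ".editor\\hooks\\run.cmd",      // file below a protected directory
  "..\\..\\Windows\\win.ini",     // resolves outside the workspace
  "src\\main.js",                 // ordinary file: no approval needed
];

// Compare both gates on every sample so the disagreement is visible.
function audit() {
  return SAMPLES.map((p) => ({
    path: p,
    naive: naiveNeedsApproval(p),
    hardened: needsApproval(ROOT, p),
  }));
}

console.table(audit());
```

Windows also ignores trailing dots and spaces in names and supports 8.3 short names; this block covers only separators, `..` segments and case.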
Affected Version(s)
cursor < 2.0
