Remote Code Execution Vulnerability in Cursor Code Editor by Cursor, Inc.
CVE-2025-64109

8.8HIGH

Key Information:

Vendor: Cursor
Status: Cursor
Vendor: CVE Published:; 4 November 2025

What is CVE-2025-64109?

A vulnerability in the Cursor CLI Beta allows attackers to execute remote code by exploiting the MCP (Model Context Protocol) server. By uploading a malicious configuration file in the '.cursor/mcp.json' path within a GitHub repository, an attacker can trigger code execution. When a victim clones the repository and launches it using the Cursor CLI, the malicious MCP server command is executed immediately without any prompts, exposing the system to potential risks. This issue has been addressed in the latest version, 2025.09.17-25b418f.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

cursor < 2025.09.17-25b418f

References

https://github.com/cursor/cursor/security/advisories/GHSA...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 4, 2025
Vulnerability Reserved
Oct 27, 2025

JSON

Cursor

What is CVE-2025-64109?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.