Code Execution Vulnerability in Cursor Cloud Agent by Cursor
CVE-2026-61613
7.7HIGH
What is CVE-2026-61613?
A code execution vulnerability was identified in Cursor's Cloud Agent prior to the fix deployed on March 31, 2026. This flaw allowed attacker-controlled web content to interact with an unauthenticated local agent endpoint, effectively granting malicious users the ability to execute arbitrary code within the sandboxed environment. As a result, sensitive data such as files, repository contents, environment variables, credentials, and GitHub App access tokens were vulnerable to unauthorized access during Cloud Agent sessions. The issue was mitigated by implementing authentication requirements for the affected endpoint.
Affected Version(s)
cursor < 03/31/2026
