Return to Threats

Unpatched Cursor Vulnerability Exposes Users to Code Execution

securityweek.com 2026-07-15 AI agent abuse Critical

What Happened

An attacker can create a malicious repository containing a git.exe in the project root, and Cursor executes it automatically. The post Unpatched Cursor Vulnerability Exposes Users to Code Execution appeared first on SecurityWeek .

Why It Matters

The report says an unpatched Cursor vulnerability on Windows can be triggered when a developer opens a malicious repository, causing Cursor to execute a git.exe placed in the project root and resulting in code execution. Related reporting on Cursor shows similar issues where agentic Git or repository-handling behavior can be abused to run arbitrary code on developer machines.[1][2][13] RealGround analysis: this is best classified as AI agent abuse because the security failure arises from autonomous agent behavior in a coding tool, and the main implication is that agent permissions, command execution paths, and repository trust boundaries should be audited and hardened.

Healthcare Fintech SaaS SMB AI startups

RealGround Analysis

This signal maps to AI agent abuse. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether this class of issue could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.

Recommended Actions

  • Restrict AI agent tool permissions and production write paths.
  • Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
  • Add human approval workflows for high-impact or state-changing actions.
  • Run prompt injection and indirect prompt injection tests against affected workflows.
  • Document the owner, control gap, and remediation deadline for this risk class.

Source

https://www.securityweek.com/unpatched-cursor-vulnerability-exposes-users-to-code-execution/

Talk to AI CISO