CVE-2025-61591: Cursor is a code editor built for programming with AI. In versions 1.7 and below, when MCP uses OAuth authentication wit
Summary
Cursor is a code editor that lets programmers work with AI assistance. In versions 1.7 and below, when using MCP (a system for connecting external tools to AI) with OAuth authentication (a login method), an attacker can trick Cursor into running malicious commands by pretending to be a trusted service, potentially giving them full control of the user's computer.
Solution / Mitigation
A patch is available at version 2025.09.17-25b418f. Users should update to this patched version to fix the vulnerability.
Vulnerability Details
8.8 (high)
EPSS: 0.1%
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-61591
First tracked: February 15, 2026 at 08:53 PM
Classified by LLM (prompt v3) · confidence: 92%