CVE-2025-61590: Cursor is a code editor built for programming with AI. Versions 1.6 and below are vulnerable to Remote Code Execution (R
Summary
Cursor, a code editor designed for AI-assisted programming, has a critical vulnerability in versions 1.6 and below that allows remote code execution (RCE, where an attacker runs commands on your computer without permission). An attacker who gains control of the AI chat context (such as through a compromised MCP server, a tool that extends the AI's capabilities) can use prompt injection (tricking the AI by hiding malicious instructions in its input) to make Cursor modify workspace configuration files, bypassing an existing security protection and ultimately executing arbitrary code.
Solution / Mitigation
Update to version 1.7, which fixes this issue.
Vulnerability Details
7.5 (high)
EPSS: 0.1%
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-61590
First tracked: February 15, 2026 at 08:52 PM