CVE-2025-61593: Cursor is a code editor built for programming with AI. In versions 1.7 and below, a vulnerability in the way Cursor CLI
Summary
Cursor, a code editor designed for programming with AI, has a vulnerability in versions 1.7 and below where attackers can use prompt injection (tricking the AI by hiding instructions in its input) to modify sensitive configuration files and achieve remote code execution (RCE, where an attacker can run commands on a system they don't own). This vulnerability is especially dangerous on case-insensitive filesystems (systems that treat uppercase and lowercase letters as the same).
Solution / Mitigation
This issue is fixed in commit 25b418f, but the fix had yet to be released as of October 3, 2025.
Vulnerability Details
7.1 (high)
EPSS: 0.1%
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-61593
First tracked: February 15, 2026 at 08:52 PM