Cursor 0day: When Full Disclosure Becomes the Only Protection Left
A critical vulnerability in Cursor IDE allows automatic execution of malicious git.exe files, posing significant risks for users.
A critical vulnerability in the Cursor IDE allows malicious git.exe files to execute automatically without user interaction. When a developer opens a project containing a malicious git.exe in the root, it is executed immediately. This poses a significant security risk for the platform, which has over 7 million active users and is used by more than 50,000 companies. Despite being reported by Mindgard in December 2025, there has been no effective response from Cursor regarding remediation efforts.