[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fphL1qCbWDkhX23Y3pTW6wNe_T4r-9grTF7SX0s9UkZQ":3},{"article":4,"iocs":50},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":27,"category":28,"article_tags":32},"412a10ea-8a04-48d3-909b-3950f0d4d3dd","Unpatched Cursor Vulnerability Exposes Users to Code Execution","unpatched-cursor-vulnerability-exposes-users-to-code-execution-8adb36","An attacker can create a malicious repository containing a git.exe in the project root, and Cursor executes it automatically. The post Unpatched Cursor Vulnerability Exposes Users to Code Execution appeared first on SecurityWeek.","A critical vulnerability in the popular AI-assisted development environment Cursor for Windows allows attackers to achieve code execution by placing a malicious git.exe file in the root of a project repository. When a developer opens such a repository, Cursor automatically executes the malicious binary without user consent or warning. The vulnerability was reported to Cursor seven months ago, but no patch has been released, leading to a public disclosure by the reporting firm.","Cursor vulnerability allows code execution via malicious git.exe in project root.","An unpatched vulnerability in Cursor on Windows can be triggered for code execution when a developer opens a repository in the application, Mindgard reports. Cursor is one of the most popular AI-assisted development environments, with more than 7 million active users. The security defect, Mindgard says, is straightforward: when opening a repository, Cursor would automatically execute a malicious git.exe binary in the project’s root without warning the user or asking for approval. “The vulnerability is not theoretical and does not depend on a complex chain of exploitation, prompt injection, model manipulation, jailbreaks, memory corruption, or sophisticated attacker tradecraft. Exploitation simply requires a developer to open a project containing a git.exe binary in the repository at the root,” Mindgard says. According to Mindgard, the issue exists because, when loading a project, Cursor looks for Git binaries in multiple locations, including the workspace itself. “If an attacker planted a malicious git.exe in the repository root, Cursor will execute it automatically as part of its path resolution logic without warning, approval, or even an indication that executable content from the repository is about to run,” Mindgard explains.Advertisement. Scroll to continue reading. Mindgard has disclosed the vulnerability publicly after reporting it to Cursor on December 15, 2025, and receiving no response regarding a potential patch for seven months. The company says Cursor’s CISO invited Mindgard to its bug bounty program on HackerOne in January, where the security defect was resubmitted and confirmed as reproducible, but it has not received a response from Cursor. “But coordinated disclosure only works when there is coordination. Seven months after initial disclosure, we have no indication that users are being protected, that remediation is underway, or that affected organizations have been informed. And at this point, withholding information no longer serves users; it serves silence,” Mindgard notes. SecurityWeek has emailed Cursor for a statement on the matter and will update this article if the company responds. Related: Windows Bind Link Attacks Can Hide Malware From EDR Tools Related: Vulnerabilities Patched by Fortinet, Ivanti, ServiceNow Related: Progress Confirms Zero-Day Vulnerability Behind ShareFile Disruption Related: NIST Opens Updated IoT Security Guidance to Public Review Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from Ionut Arghire Critical Vulnerabilities Patched With Fresh Chrome 150, Firefox 152 UpdatesMicrosoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-DaysAdobe Patches Critical ColdFusion VulnerabilitiesSAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce CloudUS, Allies Warn of Russian Cyberattacks Targeting Critical Infrastructure RoutersMultiple Jscrambler Packages Impacted by Supply Chain AttackRabbitMQ Vulnerability Threatens Enterprise SystemsZimbra Patches Critical Code Execution Vulnerability Latest News CISA Urges Immediate Patching of Exploited SharePoint VulnerabilitiesWindows Bind Link Attacks Can Hide Malware From EDR ToolsVirtual Event Today: Cloud & Data Security SummitUS Charges Russian Individuals and Firms for Running Cybercrime ServicesVulnerabilities Patched by Fortinet, Ivanti, ServiceNowWhite House Launches AI-Driven ‘Gold Eagle’ Vulnerability Coordination InitiativeProgress Confirms Zero-Day Vulnerability Behind ShareFile DisruptionICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Rockwell Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Why Email Security Keeps Failing (And What Has to Change) July 8, 2026 Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more. Register Virtual Event: 2026 Cloud Security Summit July 15, 2026 This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Register People on the MoveN-able has appointed Russell Rosa as Chief Revenue Officer.Stacy O'Mara has joined Armadin as Chief Policy Officer and Director of Global Government Affairs.F5 has appointed Cathy Peterman as Chief People Officer.More People On The MoveExpert Insights The Shift Toward Business-Aligned Risk Management Moving from isolated, technical data to a continuous risk lifecycle can help organizations align security controls with actual business consequences. (Steve Durbin) How to Conduct a Successful Audit of AI-Driven Software Development As AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach production. (Matias Madou) Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. (Joshua Goldfarb) The AI Token Costs That Can Break Cybersecurity As cybersecurity platforms embrace agentic AI, organizations must balance detection performance against the escalating costs of token consumption, deployment architecture, and AI credits. (Danelle Au) When Information Becomes the Attack Surface – Understanding AI Agent Traps From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI. (Etay Maor) Flipboard Reddit Whatsapp Whatsapp Email","https:\u002F\u002Fwww.securityweek.com\u002Funpatched-cursor-vulnerability-exposes-users-to-code-execution\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2026\u002F07\u002FCursor.jpeg","2026-07-15T14:37:13+00:00","2026-07-15T16:00:28.009781+00:00",8,[18,21,24],{"name":19,"type":20},"Cursor","product",{"name":22,"type":23},"Mindgard","vendor",{"name":25,"type":26},"Git","technology","80544778-fabb-4dcd-aa35-17492e5dcf4f",{"id":27,"icon":29,"name":30,"slug":31},null,"Vulnerabilities","vulnerabilities",[33,38,40,45],{"category":34},{"id":35,"icon":29,"name":36,"slug":37},"02371804-cf6d-4449-98de-f1a2d4d9b266","Tools","tools",{"category":39},{"id":27,"icon":29,"name":30,"slug":31},{"category":41},{"id":42,"icon":29,"name":43,"slug":44},"ade75414-7914-4e23-a450-48b64546ee70","Open Source","open-source",{"category":46},{"id":47,"icon":29,"name":48,"slug":49},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[51],{"type":52,"value":53,"context":54},"malware","git.exe","Malicious git.exe binary placed in project root for code execution."]