CNNVD-202508-109 Information

CNNVD ID

CNNVD-202508-109

Related CVE

CVE-2025-54131

• CNNVD Published: 2025-08-01

Description (Chinese)

Cursor是Cursor开源的一个 AI 代码编辑器。 Cursor 1.3之前版本存在命令注入漏洞，该漏洞源于自动运行模式允许绕过白名单，可能导致任意命令执行。

Description (English)

Cursor is an AI code editor at Cursor Open Source. There was an order-infusion loophole in the previous version of Cursor 1.3, which resulted from the automatic operating model allowing for the circumvention of white lists, which could lead to arbitrary orders being executed.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

Cursor

Published

2025-08-01

Last Modified

2026-02-24

References

https://github.com/cursor/cursor/security/advisories/GHSA-534m-3w6r-8pqr https://nvd.nist.gov/vuln/detail/CVE-2025-54131 https://access.redhat.com/security/cve/cve-2025-54131

Patch

https://cursor.com/downloads