CNNVD-202508-113 Information

CNNVD ID

CNNVD-202508-113

Related CVE

CVE-2025-54133

• CNNVD Published: 2025-08-02

Description (Chinese)

Cursor是Cursor开源的一个 AI 代码编辑器。 Cursor 1.17至1.2版本存在操作系统命令注入漏洞，该漏洞源于MCP深链接处理程序存在信息泄露，可能导致任意系统命令执行。

Description (English)

Cursor is an AI code editor at Cursor Open Source. Cursor 1.17 to 1.2 contains a loophole in the operating system command, which stems from the leaking of information in the MCP deep link processing process, which may lead to the execution of arbitrary system orders.

Hazard Level

Low

Vulnerability Type

操作系统命令注入

Affected Vendor

Cursor

Published

2025-08-02

Last Modified

2026-02-24

References

https://github.com/cursor/cursor/security/advisories/GHSA-r22h-5wp2-2wfv https://access.redhat.com/security/cve/cve-2025-54133 https://nvd.nist.gov/vuln/detail/CVE-2025-54133

Patch

https://cursor.com/downloads