CNNVD-202508-284 Information

CNNVD ID

CNNVD-202508-284

Related CVE

CVE-2025-54135

• CNNVD Published: 2025-08-05

Description (Chinese)

Cursor是Cursor开源的一个 AI 代码编辑器。 Cursor 1.3.9之前版本存在安全漏洞，该漏洞源于允许未经用户批准写入工作区文件，可能导致远程代码执行。

Description (English)

Cursor is an AI code editor at Cursor Open Source. There was a security loophole in the pre-Cursor 1.3.9 version, which stemmed from allowing the writing of work area files without user approval, which could lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Cursor

Published

2025-08-05

Last Modified

2026-02-24

References

https://github.com/cursor/cursor/security/advisories/GHSA-4cxx-hrm3-49rm https://access.redhat.com/security/cve/cve-2025-54135 https://nvd.nist.gov/vuln/detail/CVE-2025-54135

Patch

https://cursor.com/downloads