CNNVD-202508-3104 Information

CNNVD ID

CNNVD-202508-3104

Related CVE

CVE-2025-9190

• CNNVD Published: 2025-08-26

Description (Chinese)

Cursor是Cursor开源的一个 AI 代码编辑器。 Cursor 15.4.1版本存在安全漏洞，该漏洞源于RunAsNode配置不当，可能导致本地攻击者执行任意代码。

Description (English)

Cursor is an AI code editor at Cursor Open Source. There is a security loophole in Cursor 15.4.1 that stems from the inappropriate configuration of RunAsNode, which could lead local attackers to enforce random codes.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Cursor

Published

2025-08-26

Last Modified

2026-02-24

References

https://github.com/cursor/cursor/security/advisories/GHSA-xp8w-f7f4-r544 https://cert.pl/posts/2025/08/tcc-bypass/ https://afine.com/threat-of-tcc-bypasses-on-macos/#cooking-cursor-app https://nvd.nist.gov/vuln/detail/CVE-2025-9190

Patch

https://github.com/cursor/cursor