CNNVD-202511-108 Information

CNNVD ID

CNNVD-202511-108

Related CVE

CVE-2025-64107

• CNNVD Published: 2025-11-04

Description (Chinese)

Cursor是Cursor开源的一个 AI 代码编辑器。 Cursor 1.7.52及之前版本存在路径遍历漏洞，该漏洞源于未正确检测反斜杠路径操作，可能导致未经批准覆盖敏感编辑器文件。

Description (English)

Cursor is an AI code editor at Cursor Open Source. Cursor 1.7.52 and previous versions have a loophole in the path, which stems from the incorrect detection of the backslash path operation and may lead to unauthorized overwhelming of sensitive editor files.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

Cursor

Published

2025-11-04

Last Modified

2026-02-24

References

https://github.com/cursor/cursor/security/advisories/GHSA-2jr2-8wf5-v6pf https://access.redhat.com/security/cve/cve-2025-64107

Patch

https://cursor.com/cn