CNNVD-202511-363 Information

CNNVD ID

CNNVD-202511-363

Related CVE

CVE-2025-64110

• CNNVD Published: 2025-11-05

Description (Chinese)

Cursor是Cursor开源的一个 AI 代码编辑器。 Cursor 1.7.23及之前版本存在访问控制错误漏洞，该漏洞源于逻辑错误，可能导致恶意代理读取受保护敏感文件。

Description (English)

Cursor is an AI code editor at Cursor Open Source. Cursor 1.7.23 and previous versions had access control error holes, which stemmed from a logical error and could lead to malicious agents reading protected sensitive documents.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

Cursor

Published

2025-11-05

Last Modified

2026-02-24

References

https://github.com/cursor/cursor/security/advisories/GHSA-vhc2-fjv4-wqch https://access.redhat.com/security/cve/cve-2025-64110

Patch

https://cursor.com/cn