Cursor IDE Auto-Executes Malicious Code in Poisoned Repos

Summary

A vulnerability exists in the Cursor IDE that allows malicious code to be auto-executed when users access a poisoned repository. Although reported to Cursor in December, the flaw remains unpatched, posing a significant risk to developers.

IFF Assessment

FOE

This vulnerability allows for the automatic execution of malicious code, which is detrimental to defenders and can lead to system compromise.

Severity

8.1 High (AI Estimated)

The vulnerability allows for remote code execution in a user's development environment, with a high impact on confidentiality, integrity, and availability, and is likely exploitable with low complexity. It carries a high severity rating.

Defender Context

This highlights the risks associated with integrating AI coding tools and open-source repositories. Defenders should be wary of using IDEs that auto-execute code and maintain vigilance against poisoned repositories, especially in collaborative development environments.

Read Full Story →