CVE-2025-61593HIGH 8.8EPSS p29.2%

CVE-2025-61593CVE-2025-61593

Description

Cursor is a code editor built for programming with AI. In versions 1.7 and below, a vulnerability in the way Cursor CLI Agent protects its sensitive files (i.e. */.cursor/cli.json) allows attackers to modify the content of the files through prompt injection, thus achieving remote code execution. A prompt injection can lead to full RCE through modifying sensitive files on case-insensitive filesystems. This issue is fixed in a commit, 25b418f, but has yet to be released as of October 3, 2025.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS0.38% probability of exploitation · percentile 29.2% · 2026-06-19T12:03:05Z
Published2025-10-03
Last modified2025-10-09

Underlying weaknesses· 2

CWE-94CWE-178

References

  1. https://github.com/cursor/cursor/security/advisories/GHSA-x2vq-h6v6-jhc6

2

TypeTargetConfidenceTier
WeaknessImproper Handling of Case Sensitivitycwe-1780%live
WeaknessImproper Control of Generation of Code ('Code Injection')cwe-940%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-61592
CVE
CVE-2025-59944
CVE
CVE-2025-54135
CVE
CVE-2025-64108
CVE
CVE-2025-64107
CVE
CVE-2025-54130
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.