Cursor AI Code Editor vulnerability alert

A remote code execution flaw in Cursor AI Code Editor lets attackers run malicious code automatically when a user opens a compromised repository. Discovered by Oasis Security, the issue stems from Cursor’s default setting disabling the “Workspace Trust” feature, which normally blocks untrusted code from running.

By exploiting a specially crafted .vscode/tasks.json file with the runOn parameter set to “folderOpen,” attackers can execute commands silently without user consent. This puts developer machines at risk of credential theft, file tampering, and further attacks on connected cloud and CI/CD systems.

Users should enable Workspace Trust, disable automatic task execution, and open unknown projects in isolated environments to mitigate the risk. Cursor plans to release updated security guidance soon.
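A pre-open check for the file described above, as an added example that is not code from Cursor or Oasis Security: it walks a cloned repository and lists every task in a .vscode/tasks.json configured to run on folder open. It assumes the VS Code task schema, where runOn sits under a runOptions object; the function names and the sample file are hypothetical.

```python
import json
import re
import tempfile
from pathlib import Path

_STRING = r'"(?:\\.|[^"\\])*"|'  # tried first, so string contents are never edited

def _blank(pattern, text):
    """Replace matches of pattern with a space, leaving JSON strings intact."""
    keep = lambda m: m.group(0) if m.group(0).startswith('"') else " "
    return re.sub(_STRING + pattern, keep, text, flags=re.S)

def load_jsonc(text):
    """tasks.json allows comments and trailing commas; strip both, then parse."""
    text = _blank(r"//[^\n]*|/\*.*?\*/", text)
    return json.loads(_blank(r",(?=\s*[}\]])", text))

def auto_run_tasks(repo):
    """Return (file, label, command) for each task set to run on folder open."""
    hits = []
    for path in sorted(Path(repo).rglob(".vscode/tasks.json")):
        rel = path.relative_to(repo).as_posix()
        try:
            tasks = load_jsonc(path.read_text(encoding="utf-8-sig")).get("tasks")
        except (ValueError, AttributeError):
            hits.append((rel, "<unparseable: review by hand>", ""))
            continue
        for task in tasks if isinstance(tasks, list) else []:
            opts = task.get("runOptions") if isinstance(task, dict) else None
            if isinstance(opts, dict) and opts.get("runOn") == "folderOpen":
                hits.append((rel, str(task.get("label")), str(task.get("command"))))
    return hits

# Constructed sample (labels and commands are made up): the auto-run task sits
# behind a comment and trailing commas that a plain json.loads would reject.
SAMPLE = r'''{
  // looks like a build helper
  "tasks": [
    { "label": "lint", "command": "echo lint // not a comment" },
    { "label": "prepare", "command": "echo auto-run",
      "runOptions": { "runOn": "folderOpen" }, },
  ],
}'''

def demo():
    with tempfile.TemporaryDirectory() as repo:
        target = Path(repo, "pkg", ".vscode", "tasks.json")
        target.parent.mkdir(parents=True)
        target.write_text(SAMPLE, encoding="utf-8")
        return auto_run_tasks(repo)
```

Run auto_run_tasks on a fresh clone from a terminal before opening the folder in the editor; a file that cannot be parsed is reported rather than skipped, so it gets a manual look.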
