ShellCodeX Intelligence Brief
HIGH
Developer Tools
Cursor auto-executes malicious git.exe from unpatched project roots
Source headline: Unpatched Cursor Vulnerability Exposes Users to Code Execution
Threat level
High
Signal strength
75/100
Source confidence
1 source
Published
9 hours ago
Intelligence Summary
A vulnerability in Cursor allows code execution when a malicious repository contains a git.exe at the project root. Cursor may automatically run the file during repository handling, even without user intent. This can lead to arbitrary command execution on the user’s machine. The risk affects anyone using Cursor to open untrusted or unverified repositories. Users should avoid opening unknown projects and update Cursor if a fix is available.
Recommended Action
Review affected assets, schedule urgent remediation, and monitor related indicators.
Topics
Original reporting
SecurityWeek
Unpatched Cursor Vulnerability Exposes Users to Code Execution
Open original source