HeadlinesBriefing favicon HeadlinesBriefing.com

Cursor 0-Day: Full Disclosure as Last Resort

Hacker News •
×

A critical vulnerability, dubbed a "0-day," has been discovered in the AI-assisted IDE Cursor, allowing for arbitrary code execution without user interaction. The flaw arises when Cursor attempts to locate Git binaries, and a malicious `git.exe` is present in the root of a loaded repository. Cursor automatically executes this planted binary, posing a significant risk given its widespread adoption with over 7 million active users and a reported market price of $60 billion.

Discovered by Mindgard on December 15, 2025, the vulnerability remains unfixed after more than six months and 197+ new versions. Despite repeated attempts to engage Cursor through various channels, including their security email and bug bounty program, minimal response has been received. The issue was initially closed as "Informative and out of scope" before being reopened by HackerOne.

As a temporary mitigation, administrators can use App Locker or Windows App Control policies to deny execution of `git.exe` from developer workspace directories on managed systems. For consumer systems, users are advised to open untrusted repositories only in isolated environments like Windows Sandbox until the IDE is patched. The prolonged lack of vendor engagement has led to this public disclosure as the only remaining protection for users.