A persistent vulnerability in the Cursor application on Windows has exposed users to potential code execution threats, according to a recent report by Mindgard. The flaw poses significant risks in AI-assisted development environments by automatically executing malicious content.
Details of the Cursor Vulnerability
Cursor, a widely used AI-assisted development platform boasting over 7 million users, is at the center of this security issue. Mindgard reveals that the vulnerability arises when a developer opens a repository within Cursor, leading to an automatic execution of a harmful git.exe binary located in the project’s root directory. This occurs without any user notification or consent.
Mindgard emphasizes that the flaw is neither theoretical nor reliant on complex exploit chains. Instead, it merely requires the presence of a git.exe file in the repository’s root to be activated, highlighting the ease with which this vulnerability can be exploited.
Exploit Mechanics and Potential Impact
The core of the issue is Cursor’s process of locating Git binaries across various paths, including the workspace itself. If a malicious actor plants a compromised git.exe in the root, Cursor’s path resolution logic triggers its execution without alerting the user or seeking approval. This seamless execution of potentially harmful code raises significant security concerns.
Mindgard disclosed the vulnerability publicly after notifying Cursor on December 15, 2025, but receiving no response for seven months. The defect was also submitted to Cursor’s bug bounty program on HackerOne, where it was confirmed as reproducible, yet the issue remains unresolved.
Response and Future Outlook
Despite Mindgard’s efforts in coordinated disclosure, the lack of response from Cursor has shifted priorities toward public awareness. Mindgard insists that continued silence only endangers users while the absence of a patch leaves organizations vulnerable. The current situation underscores the need for prompt action to safeguard users and systems.
SecurityWeek has reached out to Cursor for comments, and updates will be provided upon receiving their response. This case serves as a reminder of the critical importance of timely communication and resolution in cybersecurity to protect against emerging threats.
