BotBeat
...
← Back

> ▌

Anysphere (Cursor)Anysphere (Cursor)
RESEARCHAnysphere (Cursor)2026-07-14

Cursor IDE Vulnerable to Arbitrary Code Execution via Planted Git Binary

Key Takeaways

  • ▸Cursor IDE automatically executes git.exe binaries found in repository root directories without user consent or warnings
  • ▸The vulnerability affects a widely-used AI coding tool, putting thousands of developers at risk of supply-chain attacks via malicious repositories
  • ▸Public full disclosure was chosen because responsible disclosure processes failed to secure a timely patch
Source:
Hacker Newshttps://mindgard.ai/blog/cursor-0day-when-full-disclosure-becomes-the-only-protection-left↗

Summary

A critical security vulnerability has been disclosed in Cursor, the AI-powered code editor, allowing arbitrary code execution on developers' machines. The vulnerability exploits how Cursor searches for git binaries across a project workspace—when a repository contains a malicious git.exe in its root directory, Cursor will automatically execute it without any user interaction, prompting, or warnings. According to the disclosure by researcher Synthetic7346, this execution occurs repeatedly on a cadence, making it a particularly dangerous attack vector for developers who work with untrusted or compromised repositories.

The flaw is especially concerning given Cursor's popularity among developers seeking AI-assisted coding. Any developer who clones a malicious repository and opens it in Cursor could unknowingly execute arbitrary code, potentially compromising their entire development environment, credentials, and system. The vulnerability demonstrates a broader security challenge in modern development tools that automate complex workflows—the convenience of automatic binary discovery creates attack surface that defenders must actively mitigate.

Editorial Opinion

The resort to full disclosure represents a critical failure in the responsible vulnerability disclosure process—and a necessary wake-up call for tool makers. When security vulnerabilities in developer tools go unpatched despite private notification, public disclosure becomes the only lever researchers have to protect the community from exploitation. Cursor's developers must prioritize security hardening alongside feature velocity; convenience that creates arbitrary code execution is a dangerous trade-off.

CybersecurityAI Safety & Alignment

More from Anysphere (Cursor)

Anysphere (Cursor)Anysphere (Cursor)
FUNDING & BUSINESS

Cursor Acquires Continue, Strengthening AI-Powered Developer Tooling

2026-07-14
Anysphere (Cursor)Anysphere (Cursor)
RESEARCH

CursorBench 3.1 Released: New Coding Benchmark Shows Fable 5 Leads in Code Understanding and Review Tasks

2026-07-02
Anysphere (Cursor)Anysphere (Cursor)
FUNDING & BUSINESS

Cursor's $60B SpaceX Acquisition Sparks Stock Market Turmoil, Investor Skepticism

2026-06-18

Comments

Suggested

GitHubGitHub
INDUSTRY REPORT

87% of AI-Generated Code Projects Have Security Issues, Report Finds Massive Quality Gaps

2026-07-14
AnthropicAnthropic
POLICY & REGULATION

200+ Economists Warn of AI-Driven Economic Transformation, Call for Policy Action

2026-07-14
IBMIBM
FUNDING & BUSINESS

IBM's Earnings Miss Signals Software Sector Squeeze as AI Infrastructure Investments Surge

2026-07-14
← Back to news
© 2026 BotBeat
AboutPrivacy PolicyTerms of ServiceContact Us