Cursor IDE Vulnerable to Arbitrary Code Execution via Planted Git Binary
Key Takeaways
- ▸Cursor IDE automatically executes git.exe binaries found in repository root directories without user consent or warnings
- ▸The vulnerability affects a widely-used AI coding tool, putting thousands of developers at risk of supply-chain attacks via malicious repositories
- ▸Public full disclosure was chosen because responsible disclosure processes failed to secure a timely patch
Summary
A critical security vulnerability has been disclosed in Cursor, the AI-powered code editor, allowing arbitrary code execution on developers' machines. The vulnerability exploits how Cursor searches for git binaries across a project workspace—when a repository contains a malicious git.exe in its root directory, Cursor will automatically execute it without any user interaction, prompting, or warnings. According to the disclosure by researcher Synthetic7346, this execution occurs repeatedly on a cadence, making it a particularly dangerous attack vector for developers who work with untrusted or compromised repositories.
The flaw is especially concerning given Cursor's popularity among developers seeking AI-assisted coding. Any developer who clones a malicious repository and opens it in Cursor could unknowingly execute arbitrary code, potentially compromising their entire development environment, credentials, and system. The vulnerability demonstrates a broader security challenge in modern development tools that automate complex workflows—the convenience of automatic binary discovery creates attack surface that defenders must actively mitigate.
Editorial Opinion
The resort to full disclosure represents a critical failure in the responsible vulnerability disclosure process—and a necessary wake-up call for tool makers. When security vulnerabilities in developer tools go unpatched despite private notification, public disclosure becomes the only lever researchers have to protect the community from exploitation. Cursor's developers must prioritize security hardening alongside feature velocity; convenience that creates arbitrary code execution is a dangerous trade-off.



