A security weakness has been disclosed in the artificial intelligence (AI)-powered code editor Cursor that could trigger code execution when a maliciously crafted repository is opened using the program.
The issue stems from the fact that an out-of-the-box security setting is disabled by default, opening the door for attackers to run arbitrary code on users' computers with their privileges.
"



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/09/cursor-ai-code-editor-flaw-enables.html