A vulnerability in the Cursor IDE allows execution of malicious code from poisoned repositories without users' consent or awareness. Discovered by Mindgard, this security flaw means that if a specific malicious file (named git.exe) is placed in the root of a repository, opening it in Cursor will automatically run this file. Despite reporting the issue to Cursor in December, there has been no remediation or acknowledgment, prompting Mindgard to disclose details to alert users.
Recommendations for mitigating risks include using AppLocker to restrict git.exe execution from unsanctioned locations and isolating untrusted repositories.