www.darkreading.com 7/14/2026, 1:18:12 PM · external

Cursor IDE flaw lets hackers run code via poisoned repo

Cursor IDE flaw lets hackers run code via poisoned repo
CyberSIXT Evidence Panel
Primary Source mindgard.ai

A vulnerability in the Cursor IDE allows execution of malicious code from poisoned repositories without users' consent or awareness. Discovered by Mindgard, this security flaw means that if a specific malicious file (named git.exe) is placed in the root of a repository, opening it in Cursor will automatically run this file. Despite reporting the issue to Cursor in December, there has been no remediation or acknowledgment, prompting Mindgard to disclose details to alert users.

Recommendations for mitigating risks include using AppLocker to restrict git.exe execution from unsanctioned locations and isolating untrusted repositories.

View Primary Source Via www.darkreading.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline