A significant vulnerability has been identified in Cursor, an AI-assisted development environment with over 7 million users, allowing for code execution through a malicious git.exe binary when users open a repository. Discovered by Mindgard, this flaw does not require complex exploitation and can be triggered simply by opening a project with a compromised git.exe in its root directory.
After Mindgard reported the issue to Cursor in December 2025 and received no response for seven months, it was re-submitted to Cursor's bug bounty program but still lacks any indication of remediation or user protection. Mindgard expressed frustration over the lack of coordinated disclosure responses from Cursor, highlighting the urgency for user safety.