Skip to main content
CyberSingle-sourceHighDevelopingFeatured
7.7

Cursor IDE vulnerability allows arbitrary code execution via malicious git.exe in cloned repositories

A security flaw in the Cursor IDE for Windows enables the silent execution of attacker-supplied binaries upon opening a repository containing a malicious git.exe file. The vulnerability requires no user interaction or authorization and persists as of July 2026, posing a significant supply chain risk to developers. The extent of exploitation in the wild remains unconfirmed.

The Hacker News2 days agoUSCredibility 52%View source

Score Breakdown

Mosaic Score7.7
Confidence0.9
Significance0.8
Source credibility0.5

Intelligence Tags

Entities

countryconcept
Source

Related signals

8 found