Cursor Arbitrary File Write Vulnerability in the Cursor Agent

Vulnerability

A vulnerability in the Cursor code editor, affecting versions starting with 0.45.0 and prior to 0.48.6, allows the Cursor Agent to automatically write to files outside the opened workspace. This issue arises from a regression in the application's file path modification permissions. Exploitation requires deliberate prompting, either by the user or through maliciously crafted context, making it highly impractical in real-world scenarios. Additionally, the edited file remains visible in the user interface for review, reducing the likelihood of unnoticed changes.

Impact

Exploitation of this vulnerability allows for arbitrary file writes outside the user's workspace, with the potential for overwriting important files or injecting malicious content into sensitive locations.

Remediation

The vulnerability has been patched in Cursor version 0.48.7. Users are advised to update to this version and to review the edits made by the Cursor Agent, especially when using context that may not be trusted.
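
The following added example is not Cursor's code or its fix. It sketches a generic workspace-boundary check for agent-proposed writes, the class of control this advisory says regressed. The function names, the three decision labels and the policy of asking for approval on any path outside the workspace are assumptions.

```javascript
// Added example, not Cursor's code; function names are hypothetical.
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");
// Canonicalize a path that may not exist yet (symlinks resolved on the existing part).
function realpathAllowMissing(p) {
  const tail = [];
  let cur = path.resolve(p);
  for (;;) {
    try {
      return path.join(fs.realpathSync(cur), ...tail);
    } catch (err) {
      if (err.code !== "ENOENT") throw err;
      // A dangling symlink exists as a link but has no target: refuse it.
      if (fs.lstatSync(cur, { throwIfNoEntry: false })) throw err;
      tail.unshift(path.basename(cur));
      cur = path.dirname(cur);
    }
  }
}

// Decide whether an agent-proposed write may be applied without confirmation.
function classifyAgentWrite(workspaceRoot, requestedPath) {
  const root = fs.realpathSync(workspaceRoot);
  let target;
  try {
    target = realpathAllowMissing(path.resolve(root, requestedPath));
  } catch (err) {
    return { decision: "deny", reason: err.code || "unresolvable" };
  }
  const rel = path.relative(root, target);
  const inside = rel !== "" && !/^\.\.(?:[\\/]|$)/.test(rel) && !path.isAbsolute(rel);
  return { decision: inside ? "auto-apply" : "require-approval", target };
}

// Constructed demo: temp workspace with symlinks that lead outside it.
function demo() {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), "ws-demo-"));
  const ws = path.join(base, "project");
  fs.mkdirSync(path.join(ws, "src"), { recursive: true });
  fs.mkdirSync(path.join(base, "home"));
  fs.symlinkSync(path.join(base, "home"), path.join(ws, "link"));
  fs.symlinkSync(path.join(base, "missing"), path.join(ws, "dangling"));
  const requests = ["src/new.js", "../home/.profile", "link/.profile", "dangling"];
  const out = requests.map((r) => classifyAgentWrite(ws, r).decision);
  fs.rmSync(base, { recursive: true, force: true });
  return out;
}
```

The write itself should go to the canonical `target` returned by the check rather than to the raw requested string. A path swapped between check and write can still race this check.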

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 4.8
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.