Cursor Mermaid Diagram Tool Information Exfiltration Vulnerability

Vulnerability

A vulnerability in the Cursor code editor, versions through 1.6, allows unauthorized information leakage via the Mermaid diagram tool. The issue arises because Mermaid diagrams can embed images, which Cursor renders in the chat box; rendering a remote image causes a request to the host that serves it. After a successful prompt injection, an attacker could use this behaviour to exfiltrate sensitive data to a third-party server. Exploitation requires injecting malicious prompts, for example through web content, uploaded images, or source code. A compromised AI model could also trigger the issue at will.

Impact

Exploitation of this vulnerability could lead to the unauthorized transmission of sensitive information from the affected user's environment to an attacker-controlled external server.

Remediation

Users can update to Cursor version 1.7, where this vulnerability has been addressed. In this patched version, all remote images are removed from Mermaid diagrams before rendering.
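As an added illustration of the mitigation described above (example code, not Cursor's own implementation), the following JavaScript pre-render filter strips remote image references from Mermaid source and records what it removed, so a renderer can both neutralize the outbound fetch and log the attempt for review. The three Mermaid image syntaxes it matches (flowchart image-node img: attributes, HTML img tags in labels, and markdown image syntax inside markdown strings), the helper names, and the sample diagram are assumptions constructed for this example.

```javascript
// Added example, not Cursor's code. Sanitizes Mermaid source before rendering so
// that drawing the diagram cannot trigger a request to an attacker-chosen host.
// The Mermaid syntaxes matched below are assumptions about how an image can be
// embedded; extend them if the renderer in use accepts further forms.

// Anything that starts with http://, https:// or a protocol-relative // is remote.
// Inline data: URIs are left alone: they carry no network request.
const REMOTE_URL = String.raw`(?:https?:)?//[^\s"')>]+`;

// Flowchart image node attribute: A@{ img: "https://...", label: "x" }
const IMG_ATTR_RE = new RegExp(String.raw`img\s*:\s*["'](${REMOTE_URL})["']\s*,?\s*`, 'gi');
// HTML image inside a label: <img src="https://...">
const HTML_IMG_RE = new RegExp(String.raw`<img\b[^>]*\bsrc\s*=\s*["']?(${REMOTE_URL})[^>]*>`, 'gi');
// Markdown image inside a markdown string: ![alt](https://...)
const MD_IMG_RE = new RegExp(String.raw`!\[[^\]]*\]\(\s*(${REMOTE_URL})\s*\)`, 'g');

// Returns the cleaned source plus the list of remote URLs that were removed,
// so the caller can render the former and log the latter as a detection signal.
function stripRemoteImages(src) {
  const removed = [];
  const drop = (_match, url) => {
    removed.push(url);
    return '';
  };
  let out = src.replace(IMG_ATTR_RE, drop);
  out = out.replace(HTML_IMG_RE, drop);
  out = out.replace(MD_IMG_RE, drop);
  // An attribute block that lost its last entry keeps a dangling comma: { label: "x", }
  out = out.replace(/,\s*}/g, ' }');
  return { cleaned: out, removed };
}

// Quick check usable as a gate before rendering (String#search ignores lastIndex,
// so the shared global regexes are safe to reuse here).
function containsRemoteImage(src) {
  return [IMG_ATTR_RE, HTML_IMG_RE, MD_IMG_RE].some((re) => src.search(re) !== -1);
}

// Constructed sample: four remote image references in three syntaxes, plus one
// inline data: URI that must survive the filter.
const SAMPLE_DIAGRAM = [
  'flowchart LR',
  '    A@{ img: "https://example.invalid/collect.png?id=1", label: "source" } --> B',
  '    B["<img src=\'https://example.invalid/pixel.png\'> build"] --> C',
  '    C["`![logo](https://example.invalid/logo.png) deploy`"]',
  '    C --> D@{ label: "tracked", img: "//example.invalid/t.png" }',
  '    D --> E@{ img: "data:image/png;base64,iVBORw0KGgo=", label: "inline" }',
].join('\n');

if (typeof require !== 'undefined' && require.main === module) {
  const { cleaned, removed } = stripRemoteImages(SAMPLE_DIAGRAM);
  console.log('removed remote image references:', removed);
  console.log('sanitized diagram:\n' + cleaned);
}
```

The filter runs structurally (it removes the image reference, not the whole node) so that the rest of the diagram still renders; a stricter deployment can refuse to render at all when containsRemoteImage reports a hit, and either way the removed URLs are worth logging, since a diagram that tries to load an image from an unfamiliar host is a strong indicator of a prompt-injection attempt.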

Added: Oct 3, 2025, 7:19 AM
Updated: Oct 3, 2025, 7:19 AM

Vulnerability Rating

Custom Algorithm

spread          0.0
impact          2.5
exploitability  7.4
remediation     0.0
relevance       0.6
threat          0.0
urgency         2.9
incentive       5.0

Our algorithm analyzes dozens of metrics to generate these eight key vulnerability categories, which are then combined to calculate the overall risk score.