Cursor Remote Code Execution Vulnerability via Visual Studio Code Workspaces

Vulnerability

A remote code execution vulnerability exists in Cursor versions through 1.6, allowing attackers to manipulate Visual Studio Code workspace files. When a workspace is opened, VS Code creates an untitled workspace file that includes all folders and settings from the current session. If an attacker can hijack the chat context of a user, they may exploit prompt injection to alter the workspace file, bypassing existing security measures and potentially executing arbitrary code on the victim's machine.

Impact

Exploitation of this vulnerability could lead to remote code execution on the victim's machine, without requiring user approval.

Remediation

Users can update to Cursor version 1.7 or later, where this vulnerability has been addressed.
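Because the attack described above works by having the agent rewrite a workspace file, a change to any `.code-workspace` file that the user did not make is worth reviewing. The following check is an added example, not code from Cursor or from this advisory: it records a baseline of every `.code-workspace` file under a project directory at a point the user trusts, then reports new files and the settings keys that differ from that baseline. The function names, script name and baseline file are assumptions.

```python
import hashlib, json, os, sys

_MISSING = object()  # distinguishes "key absent" from "key set to null"

def find_workspaces(root):
    """Yield every *.code-workspace file under root."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.endswith(".code-workspace"):
                yield os.path.join(dirpath, name)

def snapshot(root):
    """Map path -> {"sha256": hex digest, "settings": dict or None}."""
    snap = {}
    for path in find_workspaces(root):
        with open(path, "rb") as fh:
            raw = fh.read()
        try:
            settings = json.loads(raw.decode("utf-8")).get("settings", {})
        except (ValueError, AttributeError):
            settings = None  # comments, trailing commas or non-object: hash only
        if not isinstance(settings, dict):
            settings = None
        snap[path] = {"sha256": hashlib.sha256(raw).hexdigest(), "settings": settings}
    return snap

def diff(baseline, current):
    """Return (path, kind, changed_setting_keys) for new or modified files."""
    findings = []
    for path, cur in sorted(current.items()):
        old = baseline.get(path)
        if old is None:
            findings.append((path, "new-workspace-file", sorted(cur["settings"] or {})))
        elif old["sha256"] != cur["sha256"]:
            o, c = old["settings"], cur["settings"]
            if o is None or c is None:
                findings.append((path, "content-changed", []))
                continue
            keys = sorted(k for k in set(o) | set(c)
                          if o.get(k, _MISSING) != c.get(k, _MISSING))
            findings.append((path, "settings-changed" if keys else "content-changed", keys))
    return findings

if __name__ == "__main__":
    # Usage (hypothetical names): python ws_audit.py <project-dir> <baseline.json>
    root, baseline_file = sys.argv[1], sys.argv[2]
    if not os.path.exists(baseline_file):
        with open(baseline_file, "w") as fh:
            json.dump(snapshot(root), fh)
    else:
        with open(baseline_file) as fh:
            for finding in diff(json.load(fh), snapshot(root)):
                print(*finding)
```

The first run writes the baseline; later runs print one line per new or changed workspace file. Files that contain comments cannot be parsed by the strict JSON parser, so they are compared by hash only.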

Added: Oct 3, 2025, 5:17 PM
Updated: Oct 3, 2025, 5:17 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 5.2
remediation: 7.7
relevance: 0.6
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.