Primary

Context

Cursor Deep-Link Vulnerability in MCP Server Bypasses Security Warnings and Executes Commands

Vulnerability

A vulnerability in Cursor code editor's MCP server installation process allows specially crafted deep-links to bypass standard security warnings and obscure executed commands from users. This issue affects Cursor versions through 1.7.28. When a victim is convinced to click a malicious deep-link, they do not receive the appropriate security alert and, if they accept the installation, unwittingly execute commands specified by the attacker.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the victim's machine, without their knowledge or consent.

Remediation

Users can update to Cursor version 2.0, where this vulnerability has been addressed.

Added: Nov 4, 2025, 11:18 PM

Updated: Nov 4, 2025, 11:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

6.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

6.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Cursor Deep-Link Vulnerability in MCP Server Bypasses Security Warnings and Executes Commands

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating