Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution
- Posted on July 15, 2026
- By The Hacker News
- 0 Views
- 1 min read
A critical vulnerability in Cursor IDE allows attackers to execute arbitrary code on Windows systems through malicious cloned repositories. When users open a project, the application automatically runs git.exe from the repository root, creating an attack vector for unauthorized code execution with user-level privileges. Despite being discovered seven months ago, no official patch or security advisory has been released, leaving developers at risk.
Summary auto-generated by AI from the original publisher's content. Editorial standards.