A critical remote code execution vulnerability has been detailed in Cursor Inc.'s integrated development environment, highlighting risks associated with trusted installation workflows and agentic AI tooling. The vulnerability, tracked as CVE-2025-64106 and rated 8.8 in severity, affected Cursor’s Model Context Protocol installation flows, potentially allowing attackers to execute arbitrary commands on a developer’s machine. The issue was patched within two days of its discovery by Cyata Security Ltd., based on information published by Silicon Angle.The vulnerability emerged due to Cursor's use of the Model Context Protocol to connect AI assistants within the IDE to external tools, databases, and APIs, enabling more autonomous development workflows. This connectivity introduced new attack surfaces, particularly when AI systems are granted system-level permissions during setup. Cyata researchers discovered that the MCP installation process could be manipulated to trick users into executing malicious commands under the guise of trusted software, such as Playwright. The exploit bypassed traditional methods by abusing logic and trust assumptions within the installation workflow, leveraging a trusted execution path and recognizable tooling to reduce user suspicion.The trust placed in installation interfaces and deep-link handling has become a critical security boundary. As AI IDEs gain more autonomy and access to system permissions, developers and security professionals must treat UI trust, deep links, and tool installation processes as integral parts of their threat models to prevent similar exploits and ensure the security of agentic workflows.Source: Silicon Angle
Security Operations, AI/ML, DevOps, Vulnerability Management, Patch/Configuration Management
Cursor IDE vulnerability exposes risks in AI tooling and installation workflows

(Credit: Robert – stock.adobe.com)
An In-Depth Guide to AI
Get essential knowledge and practical strategies to use AI to better your security program.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



