AI-powered Cursor IDE vulnerable to prompt-injection attacks
A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor and can be exploited to execute remote code with developer privileges.
The security issue is now identified as CVE-2025-54135 and can be leveraged by feeding the AI agent a malicious prompt to trigger attacker-controlled commands.
The Cursor integrated development environment (IDE) relies on AI agents to help developers code faster and more efficiently, allowing them to connect with external resources and systems using the Model Context Protocol (MCP).
To read the complete article see: Bleeping Computer
This post is licensed under CC BY 4.0 by the author.