Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution

A critical vulnerability in the Cursor IDE allows attackers to execute arbitrary code on Windows systems simply by planting a malicious ‘git.exe’ file within a cloned repository. Because this zero-click flaw remains unpatched, security experts recommend that users open untrusted repositories only within disposable virtual machines or Windows Sandbox.

Edward Kiledjian @ekiledjian