Critical Cursor bug could turn routine Git into RCE

A critical vulnerability in the Cursor IDE has been exposed, enabling attackers to execute arbitrary code on a developer's machine through a routine Git interaction. This high-severity bug is triggered when a developer clones and interacts with a malicious repository, allowing the IDE's AI agent to execute embedded Git logic and gain control over the system. The root cause of this issue stems from a feature interaction in Git, rather than a flaw in Cursor's core product logic. Specifically, the vulnerability can be exploited when a developer uses the Cursor IDE to clone a repository containing malicious code, which can then be executed by the IDE's AI agent. This vulnerability has significant implications for developers who use the Cursor IDE, as it could allow attackers to gain unauthorized access to their systems¹. The ability to execute arbitrary code on a developer's machine poses a significant risk, making it essential for practitioners to prioritize patching and securing their development environments.