CVE-2025-62353

Name of the Vulnerable Software and Affected Versions Windsurf IDE (affected versions not specified)

Description A path traversal vulnerability exists in the Windsurf IDE, allowing attackers to read and write arbitrary local files on a user’s system, both within and outside of current projects. The vulnerability can be exploited directly or indirectly through prompt injection.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.