PT-2025-45060 · Cursor · Cursor

Published 2025-11-04 · Updated 2025-11-05 · CVE-2025-64106

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Cursor versions 1.7.28 and below

Description: Cursor is a code editor designed for programming with AI. An input validation issue within Cursor’s MCP server installation allows maliciously crafted deep-links to circumvent standard security warnings. This can conceal executed commands from users who accept the server connection. If a user navigates to a malicious deep-link provided by an attacker, they may not see the expected security prompt and, upon acceptance, will execute commands specified within the deep-link. The affected component is the deep-link processing mechanism.

Recommendations: Versions prior to 1.7.28 should be updated.

Exploit

Fix

Weakness Enumeration: OS Command Injection

Related Identifiers

CVE-2025-64106
GHSA-4575-FH42-7848

Affected Products

Cursor