Cursor Remote Code Execution Vulnerability (CVE-2025-54135)

Overview Recently, NSFOCUS CERT detected that Cursor issued a security bulletin and fixed the Cursor remote code execution vulnerability (CVE-2025-54135); Because Cursor allows files to be written to the workspace without user approval, when an external Model Control Protocol (MCP) server is configured through the Cursor user interface, an attacker can use Agent to rewrite […]

The post Cursor Remote Code Execution Vulnerability (CVE-2025-54135) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Cursor Remote Code Execution Vulnerability (CVE-2025-54135) appeared first on Security Boulevard.