Security researchers have disclosed a critical zero-day vulnerability in Cursor, an AI-assisted code editor built on Visual Studio Code, that enables automatic code execution on Windows systems. The flaw triggers when a user opens any repository containing a file named git.exe in the project root directory, executing the file immediately without any user interaction, approval dialogs, or security warnings.
The vulnerability represents a significant supply chain risk for developers using Cursor on Windows. Attackers can embed malicious executables disguised as git.exe in seemingly legitimate repositories, which then execute automatically when developers open the project. This attack vector is particularly dangerous because developers routinely clone and open repositories from various sources, including open-source projects, code samples, and collaborative work environments.
Technically, the issue stems from Cursor's automatic execution behavior when detecting what it assumes to be Git binaries. The editor runs the git.exe file with the user's full privileges, granting the malicious code access to all resources available to the developer. This includes source code repositories, SSH private keys stored on the system, cloud service credentials, and any other sensitive data accessible to the user account. The vulnerability compounds in severity because Cursor continues re-executing the malicious binary repeatedly while the project remains open, potentially enabling persistent backdoor access or continuous data exfiltration.
The impact extends beyond individual developers to entire organizations. Compromised developer machines can serve as entry points into corporate networks, source code repositories, and production environments. Attackers gaining access to developer credentials can push malicious code into software supply chains, steal intellectual property, or pivot to other systems within the organization. The automatic and silent nature of the execution makes detection difficult, as users receive no indication that unauthorized code is running.
Windows users of Cursor should immediately exercise extreme caution when opening any repository from untrusted sources. Security teams should implement endpoint detection and response solutions to monitor for suspicious git.exe executions from non-standard locations. Organizations should consider temporarily restricting Cursor usage on Windows systems until a patch becomes available. Developers should verify repository contents before opening projects and maintain isolated development environments for working with unfamiliar code. The Cursor development team has not yet released an official patch or mitigation guidance for this vulnerability.
Source: https://thehackernews.com/2026/07/cursor-flaw-lets-malicious-cloned.html


