{"rewrite":{"id":"r_266dde7742f6d7bcbb81be96","clusterId":"c_036e2f15d9363e986d8c3204","slug":"cursor-zero-day-vulnerability-disclosed-after-seven-months-without-a-fix","model":"deepseek-v4-flash","headline":"Cursor Zero-Day Vulnerability Disclosed After Seven Months Without a Fix","summary":"A vulnerability in the AI-assisted code editor Cursor allows arbitrary code execution by opening a crafted repository. Security firm Mindgard reported the flaw in December 2025 but after seven months without a fix, it disclosed the details on July 14, 2026. The issue involves Cursor searching for executable files in the repository itself, with no warning or user interaction required.","whyItMatters":"The disclosure demonstrates the risks of AI-assisted development tools when vendors fail to patch known vulnerabilities, leaving users exposed to attacks via malicious repositories.","webCardHtml":"\u003cp\u003eCursor searches for executable files in multiple locations when loading a project, including the repository itself. A malicious git.exe placed at the top level of a repository will be executed automatically without any warning or user interaction. Mindgard, the security firm that discovered the flaw, reported it to Cursor in December 2025. After seven months without a fix and insufficient communication, the company disclosed the vulnerability details on July 14, 2026. As of the time of writing, no fixed version or security advisory has been issued. Mindgard recommends opening untrusted repositories in Windows Sandbox or disposable virtual machines as a workaround.\u003c/p\u003e","blueskyPost":"Cursor vulnerability allows arbitrary code execution by opening a repository. Reported 7 months ago, no fix, so security firm disclosed details. Developers should use sandboxed environments for untrusted code.","twitterPost":"Cursor vulnerability: opening a repository can auto-execute malicious code. Reported Dec 2025, no fix after 7 months, full disclosure now. Use Windows Sandbox for untrusted repos.","threadsPost":null,"newsletterBlurb":"A vulnerability in the AI-assisted code editor Cursor allows arbitrary code execution simply by opening a crafted repository. The security firm Mindgard reported the issue in December 2025 but after seven months without a fix, it disclosed the details. No official patch has been released as of writing.","attributionJson":"[{\"source\":\"GIGAZINE\",\"url\":\"https://gigazine.net/news/20260715-cursor-0day-disclosure/\",\"title\":\"Vulnerability in Cursor Allows Arbitrary Code Execution by Simply Opening a Repository, Remains Unfixed 7 Months After Report, Researcher Discloses Full Details\"}]","lintFlagsJson":null,"lintHits":0,"costUsd":0,"inputTokens":4193,"outputTokens":2161,"status":"published","repairAttempts":0,"nextRepairAt":null,"factsAttemptedAt":1784141033,"createdAt":"2026-07-15T18:34:35.000Z","publishedAt":"2026-07-15T18:37:28.000Z","updatedAt":"2026-07-15T18:34:35.000Z"},"cluster":{"id":"c_036e2f15d9363e986d8c3204","canonicalTitle":"Cursorに「リポジトリを開くだけ」で任意コードが実行される脆弱性、報告から7カ月たっても修正されず研究者が全容公開","representativeArticleId":"a_8d3753a8bdf9a3818b36b007","sourceCount":1,"writtenSourceCount":1,"writeAttempts":0,"isSolo":true,"entitiesJson":"{\"anime_titles\":[],\"manga_titles\":[],\"work_titles\":[],\"studios\":[],\"people\":[],\"type\":\"news\",\"domain\":\"other\",\"is_roundup\":false}","contentType":"news","status":"published","firstSeenAt":"2026-07-15T06:30:00.000Z","lastSeenAt":"2026-07-15T06:30:00.000Z","updatedAt":"2026-07-15T18:37:29.000Z"},"attribution":[{"source":"GIGAZINE","url":"https://gigazine.net/news/20260715-cursor-0day-disclosure/","title":"Cursorに「リポジトリを開くだけ」で任意コードが実行される脆弱性、報告から7カ月たっても修正されず研究者が全容公開"}],"entities":{"anime_titles":[],"manga_titles":[],"work_titles":[],"studios":[],"people":[],"type":"news","domain":"other","is_roundup":false},"keyFacts":null}
