{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T16:36:26.541","vulnerabilities":[{"cve":{"id":"CVE-2025-54136","sourceIdentifier":"security-advisories@github.com","published":"2025-08-02T00:15:25.290","lastModified":"2025-08-25T01:41:36.580","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Cursor is a code editor built for programming with AI. In versions 1.2.4 and below, attackers can achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine. Once a collaborator accepts a harmless MCP, the attacker can silently swap it for a malicious command (e.g., calc.exe) without triggering any warning or re-prompt. If an attacker has write permissions on a user's active branches of a source repository that contains existing MCP servers the user has previously approved, or allows an attacker has arbitrary file-write locally, the attacker can achieve arbitrary code execution. This is fixed in version 1.3."},{"lang":"es","value":"Cursor es un editor de código creado para programar con IA. En las versiones 1.2.4 y anteriores, los atacantes pueden lograr la ejecución remota y persistente de código modificando un archivo de configuración MCP ya confiable dentro de un repositorio compartido de GitHub o editándolo localmente en el equipo objetivo. Una vez que un colaborador acepta un MCP inofensivo, el atacante puede reemplazarlo silenciosamente por un comando malicioso (por ejemplo, calc.exe) sin generar ninguna advertencia ni solicitud. Si un atacante tiene permisos de escritura en las ramas activas de un usuario de un repositorio de origen que contiene servidores MCP existentes que el usuario ha aprobado previamente, o permite que un atacante escriba archivos arbitrariamente localmente, puede lograr la ejecución de código arbitrario. Esto se solucionó en la versión 1.3."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:anysphere:cursor:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3","matchCriteriaId":"6CC3BD06-C788-4AE8-80B9-8CF608AB5F5F"}]}]}],"references":[{"url":"https://github.com/cursor/cursor/security/advisories/GHSA-24mc-g4xr-4395","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}