CVE-2025-54132Server-Side Request Forgery in Cursor

CWE-918Server-Side Request ForgeryCWE-77Command InjectionCWE-22Path Traversal4 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.0%
top 85.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
CursorAnysphere CursorMsrc Azl3 GH 2.62.0-2 ON Azure Linux 3.0+4 more
Timeline
PublishedAug 1
Latest updateOct 14

Description

Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid (which is used to render diagrams) allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker controlled server through an image fetch after successfully performing a prompt injection. A malicious model (or hallucination/backdoor) might also trigger this exploit at will. This issue requires prompt injection fr

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages7 packages

CVEListV5cursor/cursor< 1.3
NVDanysphere/cursor< 1.3

📋Vendor Advisories

2
Microsoft
GitHub CVE-2025-54132: Arbitrary Image Fetch in Mermaid Diagram Tool2025-10-14
Microsoft
GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability2024-12-10

🕵️Threat Intelligence

1
Bleepingcomputer
Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws2025-10-14