CVE-2025-61589Sensitive Information Exposure in Cursor

CWE-200Sensitive Information Exposure1 documents1 sources
Severity
5.9MEDIUMNVD
EPSS
0.0%
top 86.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
CursorAnysphere Cursor
Timeline
PublishedOct 3

Description

Cursor is a code editor built for programming with AI. In versions 1.6 and below, Mermaid (a to render diagrams) allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker controlled server through an image fetch after successfully performing a prompt injection. A malicious model (or hallucination/backdoor) might also trigger this exploit at will. This issue requires prompt injection from malic

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5cursor/cursor< 1.7
NVDanysphere/cursor< 1.7