CVE-2025-61589
BaseFortify
Publication date: 2025-10-03
Last updated on: 2025-10-20
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| anysphere | cursor | to 1.7 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Cursor versions 1.6 and below, where the Mermaid diagram rendering feature allows embedding images that get rendered in the chat box. An attacker can exploit this by performing a prompt injection, causing the application to fetch images from an attacker-controlled server, thereby exfiltrating sensitive information. The exploit requires malicious input such as web data, image uploads, or source code to trigger the prompt injection. Additionally, malicious models or backdoors might trigger this exploit intentionally. The issue is fixed in version 1.7.
How can this vulnerability impact me? :
This vulnerability can lead to the exfiltration of sensitive information from the Cursor application to an attacker-controlled external server. This means that confidential data processed or stored within Cursor could be leaked without user consent, potentially compromising privacy and security.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Cursor to version 1.7 or later, as this version contains the fix for the vulnerability. Avoid using versions 1.6 and below where the issue exists. Additionally, be cautious of prompt injections from malicious data sources such as web inputs, image uploads, or source code to prevent exploitation.