CVE-2025-61592: 
NixOS vulnerability analysis and mitigation

Cursor, a code editor built for programming with AI, was found to contain a critical security vulnerability (CVE-2025-61592) in versions 1.7 and below. The vulnerability was discovered by Assaf Levkovich of the JFrog Security Research team and disclosed on October 3, 2025. The issue affects the Cursor CLI component, where automatic loading of project-specific CLI configuration from the current working directory (/.cursor/cli.json) could override certain global configurations (GitHub Advisory, NVD).

The vulnerability stems from the CLI's behavior of automatically loading project-specific configuration files from the current working directory. This configuration could override global settings through /.cursor/cli.json. The security flaw allows for Remote Code Execution (RCE) through a combination of permissive configuration that allows shell commands and prompt injection delivered via project-specific Rules (/.cursor/rules/rule.mdc) or other mechanisms. The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (High), with a vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (GitHub Advisory).

The vulnerability could allow attackers to achieve Remote Code Execution on end-user systems when the Cursor CLI is run inside a malicious context such as a compromised repository or directory. This could lead to complete compromise of the affected system, with potential for high impact on confidentiality, integrity, and availability of the user's environment (GitHub Advisory).

A patch has been released as version 2025.09.17-25b418f which limits project-specific CLI configuration to only non-security settings and removes the allowlist from the vulnerable configurations. Users are strongly advised to upgrade to this patched version. As of October 3, 2025, there was no official release version available, only the patch (NVD).