CVE-2025-64108: 
NixOS vulnerability analysis and mitigation

Cursor, a code editor built for programming with AI, was found to contain a vulnerability in versions 1.7.44 and below. The vulnerability involves various NTFS path quirks that allow a prompt injection attacker to bypass sensitive file protections and overwrite files which normally require human approval for modification (GitHub Advisory, NVD). The vulnerability was assigned CVE-2025-64108 and was discovered in November 2025.

The vulnerability stems from improper handling of NTFS path syntax, specifically involving short path and data stream syntax. These path quirks can break Cursor's sensitive path detection mechanisms, allowing attackers to bypass the human approval requirement for protected file modifications. The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating network attack vector, low complexity, and high impact across confidentiality, integrity, and availability (GitHub Advisory).

The vulnerability can lead to Remote Code Execution (RCE) when successfully exploited through modification of certain protected files. The impact is limited to systems that support NTFS and requires chaining with either a prompt injection or malicious model attachment to achieve full exploitation (GitHub Advisory).

The vulnerability has been patched in Cursor version 2.0. The fix involves normalizing paths for NTFS before applying security guardrails. Users are advised to upgrade to version 2.0 or later to protect against this vulnerability (GitHub Advisory).