CVE-2026-31854 | THREATINT

Description

Cursor is a code editor built for programming with AI. Prior to 2.0 ,if a visited website contains maliciously crafted instructions, the model may attempt to follow them in order to “assist” the user. When combined with a bypass of the command whitelist mechanism, such indirect prompt injections could result in commands being executed automatically, without the user’s explicit intent, thereby posing a significant security risk. This vulnerability is fixed in 2.0.

PUBLISHED Reserved 2026-03-09 | Published 2026-03-11 | Updated 2026-03-11 | Assigner GitHub_M

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

< 2.0

affected

References

github.com/...cursor/security/advisories/GHSA-hf2x-r83r-qw5q

cve.org (CVE-2026-31854)

nvd.nist.gov (CVE-2026-31854)

Download JSON