anysphere
AI / MLcommercial
Top products
Latest CVEs
The 13 most recently published vulnerabilities affecting anysphere.
- CVE-2026-50548Cursor Desktop sandbox escape via agent-controlled working directory9.8
- CVE-2026-50549Cursor Desktop sandbox escape via symlink and failed path canonicalization9.8
- CVE-2025-61593Cursor CLI Agent: Sensitive File Overwrite Bypass7.1
- CVE-2025-61592Cursor CLI: Arbitrary Code Execution Possible through Permissive CLI Config8.8
- CVE-2025-61591Cursor CLI's Cursor Agent MCP OAuth2 Communication is Vulnerable to Remote Code Execution8.8
- CVE-2025-61590Cursor is vulnerable to RCE via .code-workspace files using Prompt Injection7.5
- CVE-2025-61589Cursor: Potential Information Leakage via Mermaid Diagram5.9
- CVE-2025-54130Cursor Agent is vulnerable prompt injection via Editor Special Files7.5
- CVE-2025-54135Cursor Agent is vulnerable to prompt injection via MCP Special Files8.5
- CVE-2025-54136Cursor's Modification of MCP Server Definitions Bypasses Manual Re-approvals7.2
- CVE-2025-54133Cursor's MCP Install Deeplink Does Not Show Arguments in its User-Dialog9.6
- CVE-2025-54132Cursor's Mermaid Diagram Tool is Vulnerable to an Arbitrary Image Fetch4.4
- CVE-2025-54131Cursor bypasses its allow list to execute arbitrary commands6.4