{"id":87096,"date":"2026-06-11T09:55:53","date_gmt":"2026-06-11T09:55:53","guid":{"rendered":""},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-30T06:00:00","slug":"cve-2025-61590-remote-code-execution-vulnerability-in-cursor-code-editor","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-61590-remote-code-execution-vulnerability-in-cursor-code-editor\/","title":{"rendered":"<strong>CVE-2025-61590: Remote Code Execution Vulnerability in Cursor Code Editor<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>CVE-2025-61590 is a critical security vulnerability found in Cursor, a code editor built for programming with AI. This vulnerability primarily affects users of versions 1.6 and below and enables an attacker to execute remote code through Visual Studio Code Workspaces. Such a vulnerability makes it possible for potential system compromise or data leakage, emphasizing the need for immediate attention and mitigation.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2025-61590<br \/>\nSeverity: High (7.5 CVSS Score)<br \/>\nAttack Vector: Remote<br \/>\nPrivileges Required: Low<br \/>\nUser Interaction: Required<br \/>\nImpact: Remote Code Execution leading to system compromise and potential data leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p><div id=\"ameeb-510994648\" class=\"ameeb-content-2 ameeb-entity-placement\"><div style=\"border-left: 4px solid #555; padding-left: 20px; margin: 48px 0; font-family: Roboto, sans-serif; color: #ffffff; line-height: 1.6; max-width: 720px;\">\r\n  <h2 style=\"margin-top: 0; font-size: 22px; font-weight: 600; display: flex; align-items: center; letter-spacing: -0.02em;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"display: inline-flex; align-items: center; margin-right: 10px;\">\r\n      <img decoding=\"async\" src=\"https:\/\/www.ameeba.com\/blog\/wp-content\/uploads\/2025\/10\/Best-App-icon-Ameeba.png\" alt=\"Ameeba Chat Icon\" style=\"width: 42px; height: 42px;\" \/>\r\n    <\/a>\r\n    Share secrets securely\r\n  <\/h2>\r\n\r\n  <p style=\"margin-bottom: 14px; color: #d1d5db;\">\r\n    Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.\r\n  <\/p>\r\n\r\n  <p style=\"margin-bottom: 18px; color: #a1a1aa;\">\r\n    Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.\r\n  <\/p>\r\n\r\n  <ul style=\"list-style: none; padding-left: 0; margin-bottom: 24px; color: #e4e4e7;\">\r\n    <li style=\"margin-bottom: 8px;\">\u2022 Encrypted identity<\/li>\r\n    <li style=\"margin-bottom: 8px;\">\u2022 Private Spaces for organizations and teams<\/li>\r\n    <li style=\"margin-bottom: 8px;\">\u2022 End-to-end encrypted chat, calls, files, and notes<\/li>\r\n    <li style=\"margin-bottom: 8px;\">\u2022 Sensitive AI work and protected collaboration<\/li>\r\n    <li>\u2022 Built for information that cannot leak<\/li>\r\n  <\/ul>\r\n\r\n  <p style=\"font-style: italic; font-weight: 600; margin-bottom: 24px; color: #ffffff;\">\r\n    Our mission is to secure human work alongside AI.\r\n  <\/p>\r\n\r\n  <div style=\"display: flex; flex-wrap: wrap; gap: 12px;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\/download\" style=\"background-color: #ffffff; color: #000000; padding: 10px 20px; text-decoration: none; border-radius: 8px; font-weight: 500;\">\r\n      Download Ameeba\r\n    <\/a>\r\n\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"border: 1px solid #ffffff; color: #ffffff; padding: 10px 20px; text-decoration: none; border-radius: 8px; font-weight: 500;\">\r\n      Learn More\r\n    <\/a>\r\n  <\/div>\r\n<\/div><\/div>\n<p>Product | Affected Versions<\/p>\n<p>Cursor Code Editor | 1.6 and below<\/p>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The vulnerability is due to an issue with Cursor&#8217;s handling of Visual Studio Code Workspaces. These workspaces permit users to open multiple folders and save particular settings, creating an untitled workspace automatically. If an attacker successfully hijacks the chat context of the victim, for example, through a compromised MCP server, they can prompt the Cursor Agent to write into this file and alter the workspace. This action bypasses CVE-2025-54130, enabling an attacker to carry out a Remote Code Execution by writing to the settings section.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p><div id=\"ameeb-3112955471\" class=\"ameeb-content ameeb-entity-placement\"><div class=\"poptin-embedded\" data-id=\"f6b387694f681\"><\/div>\r\n\r\n\r\n\r\n\r\n\r\n<\/div>\n<p>Given the nature of the vulnerability, an example of a potential exploit might involve a malicious actor injecting a payload through a compromised MCP server. This could be conceptually represented like this:<\/p>\n<pre><code class=\"\" data-line=\"\">\/\/ Attacker hijacks the chat context\nhijack_chat_context(victim, compromised_MCP_server);\n\/\/ Attacker injects payload to modify .code-workspace file\ninject_payload(&quot;untitled.code-workspace&quot;, &quot;malicious_payload&quot;);\n\/\/ Attacker triggers RCE by writing to the settings section\ntrigger_rce(&quot;settings.json&quot;);<\/code><\/pre>\n<p>Please note that this is a conceptual representation and does not represent actual exploitation code.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview CVE-2025-61590 is a critical security vulnerability found in Cursor, a code editor built for programming with AI. This vulnerability primarily affects users of versions 1.6 and below and enables an attacker to execute remote code through Visual Studio Code Workspaces. Such a vulnerability makes it possible for potential system compromise or data leakage, emphasizing [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[],"tags":[],"vendor":[],"product":[],"attack_vector":[],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-87096","post","type-post","status-publish","format-standard","hentry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/87096","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=87096"}],"version-history":[{"count":0,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/87096\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=87096"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=87096"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=87096"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=87096"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=87096"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=87096"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=87096"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=87096"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=87096"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}