Vulnerabilities in Cursor IDE's MCP and AI Coding Tools Pose RCE and Supply Chain Risks
Originally Published 5 months ago — by Check Point Software
A security vulnerability in Cursor IDE's Model Context Protocol (MCP) allows attackers to silently modify trusted configurations to execute arbitrary commands, leading to persistent remote code execution. The flaw stems from the IDE's trust model, which only prompts for approval once, enabling malicious modifications to go unnoticed and be re-executed every time a project is opened or synchronized. The issue was responsibly disclosed and addressed in Cursor version 1.3, with recommendations to update to the latest version to mitigate risks.