CVE-2025-61592 | Cursor up to 1.7 /.cursor/cli.json inclusion of functionality from untrusted control sphere (GHSA-v64q-396f-7m79)

A vulnerability identified as critical has been detected in Cursor up to 1.7. This vulnerability affects unknown code of the file /.cursor/cli.json. This manipulation causes inclusion of functionality from untrusted control sphere.

This vulnerability appears as CVE-2025-61592. The attack may be initiated remotely. There is no available exploit.

To fix this issue, it is recommended to deploy a patch.VulDB Recent EntriesRead More