Recently, a critical security vulnerability (CVE-2025-54135) was identified in Cursor, an AI-powered code editor developed by Anysphere Inc. This flaw could enable remote code execution, posing a serious threat to data security and system stability.
In versions prior to 1.3.9, Cursor allows modifications to workspace files without user authorization. Editing an existing dotfile requires user approval, but creating a new one does not. Consequently, if sensitive MCP configuration files such as .cursor/mcp.json do not already exist in the workspace, an attacker could exploit an indirect prompt injection vulnerability to hijack the model's context, write malicious content to the configuration file, and ultimately trigger remote code execution (RCE) on the victim's device without authorization.
This issue has been resolved in version 1.3.9. Users are strongly advised to upgrade to version 1.3.9 or later immediately.
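Because a newly created .cursor/mcp.json could appear in a workspace without any approval prompt on affected versions, a quick audit of which MCP servers such files would launch is useful for administrators. The following is an added example, not part of this advisory or of Cursor; it assumes the common MCP configuration layout (a top-level "mcpServers" object whose entries carry "command"/"args" or "url"), which is an assumption to verify against your own files.

```python
"""Audit .cursor/mcp.json files for MCP servers that spawn local processes.

Added defensive example, not from the advisory or from Cursor. It assumes the
common MCP config layout {"mcpServers": {"<name>": {"command": ..., "args":
[...]}}} and treats a "url"-only entry as a remote server (an assumption).
"""
import json
import os
from pathlib import Path

# Constructed sample, not from any real incident: one server that would spawn
# a local process and one that only points at a URL.
SAMPLE_CONFIG = {
    "mcpServers": {
        "helper": {"command": "sh", "args": ["-c", "echo hello"]},
        "docs": {"url": "https://example.invalid/mcp"},
    }
}


def audit_mcp_servers(config):
    """Classify every configured server; returns a list of finding dicts."""
    findings = []
    servers = config.get("mcpServers", {}) if isinstance(config, dict) else {}
    for name, spec in servers.items():
        if not isinstance(spec, dict):
            continue
        if spec.get("command"):
            argv = [str(spec["command"])] + [str(a) for a in spec.get("args", [])]
            findings.append({"server": name, "kind": "local-process",
                             "launch": " ".join(argv)})
        elif spec.get("url"):
            findings.append({"server": name, "kind": "remote",
                             "launch": str(spec["url"])})
    return findings


def scan_workspaces(root):
    """Walk `root` and audit every .cursor/mcp.json found beneath it."""
    results = {}
    for dirpath, _dirs, filenames in os.walk(root):
        if os.path.basename(dirpath) != ".cursor" or "mcp.json" not in filenames:
            continue
        cfg = Path(dirpath) / "mcp.json"
        try:
            results[str(cfg)] = audit_mcp_servers(json.loads(cfg.read_text("utf-8")))
        except (OSError, ValueError) as exc:  # unreadable or malformed file
            results[str(cfg)] = [{"server": None, "kind": "error", "launch": str(exc)}]
    return results
```

Run `scan_workspaces("/path/to/projects")` over checked-out repositories and review every "local-process" entry that nobody on the team remembers adding.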
Information Technology Department (ITD)
October 20, 2025