Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a popular artificial intelligence (AI) code editor, that could result in remote code execution.The vulnerability, tracked as CVE-2025-54135 (CVSS score: 8.6), has been addressed in version 1.3 released on July 29, 2025. It has been codenamed CurXecute by Aim”¯Labs, which previously disclosed EchoLeak.
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/08/cursor-ai-code-editor-fixed-flaw.html
