anysphere

Top products

The 15 most recently published vulnerabilities affecting anysphere.

• CVE-2026-31854Cursor Affected by Arbitrary Code Execution via Prompt Injection and Whitelist Bypass8.8Mar 11, 2026
• CVE-2026-26268Cursor sandbox escape via Git hooks8.0Feb 13, 2026
• CVE-2026-22708Cursor has a Terminal Tool Allowlist Bypass via Environment Variables9.8Jan 14, 2026
• CVE-2025-64110Cursor: Authentication Bypass Possible via New Cursorignore Write7.5Nov 4, 2025
• CVE-2025-64108Cursor's Sensitive File Modification can Lead to NTFS Path Quirks8.8Nov 4, 2025
• CVE-2025-64107Cursor is Vulnerable to Path Manipulation Using Backslashes on Windows8.8Nov 4, 2025
• CVE-2025-64106Cursor: Speedbump Modal Bypass in MCP Server Deep-Link8.8Nov 4, 2025
• CVE-2025-59944Cursor IDE: Sensitive File Overwrite Bypass is Possible8.0Oct 3, 2025
• CVE-2025-61593Cursor CLI Agent: Sensitive File Overwrite Bypass7.1Oct 3, 2025
• CVE-2025-61592Cursor CLI: Arbitrary Code Execution Possible through Permissive CLI Config8.8Oct 3, 2025
• CVE-2025-61591Cursor CLI's Cursor Agent MCP OAuth2 Communication is Vulnerable to Remote Code Execution8.8Oct 3, 2025
• CVE-2025-61590Cursor is vulnerable to RCE via .code-workspace files using Prompt Injection7.5Oct 3, 2025
• CVE-2025-61589Cursor: Potential Information Leakage via Mermaid Diagram5.9Oct 3, 2025
• CVE-2025-54130Cursor Agent is vulnerable prompt injection via Editor Special Files7.5Aug 5, 2025
• CVE-2025-54135Cursor Agent is vulnerable to prompt injection via MCP Special Files8.5Aug 5, 2025