Back to section
Bezpečnosť 🔥 Top

Cursor Zero-Day: Malicious git.exe in Repo Root Executes Arbitrary Code Without User Interaction

Streda 15. júla 2026 Source: Mindgard

What happened

Mindgard disclosed on July 14, 2026 the details of a critical zero-day vulnerability (CVE-2026-26268) in Cursor IDE with 7M+ users. On Windows, if a repository contains a malicious git.exe in the project root directory, Cursor automatically executes it when the project is opened — without any user interaction, clicks, or warnings.

Context and impact

The vulnerability was first reported December 15, 2025, but remained unpatched for 7+ months while Cursor shipped 197 new versions. Additionally, Mindgard disclosed two prompt-injection sandbox-escape vulnerabilities (CVE-2026-50548 and CVE-2026-50549, CVSS 9.8) enabling zero-click remote code execution. These were patched in Cursor 3.0. Reliance on external tools (git) as part of automated agentic workflows represents a systemic risk for the entire AI IDE category.

Details

  • CVE-2026-26268: malicious git.exe in repo root = RCE without interaction (Windows)
  • CVE-2026-50548 & -50549: CVSS 9.8, zero-click RCE via prompt injection
  • Reported: December 15, 2025; unpatched for 7+ months / 197 Cursor releases
  • Patched: CVE-2026-50548/49 in Cursor 3.0; CVE-2026-26268 status unclear at disclosure
  • Impact: 7M+ active Cursor IDE users
  • Disclosure: full disclosure after coordinated patching failed
Open original source Mindgard