Bank Info Security
11 months, 1 week ago
MCP Protocol Bug Let Attackers Execute Code in Cursor
Cursor Patched Flaw Days After Disclosure, Says Check PointCheck Point researchers found a RCE flaw in Cursor, an AI-powered code editor, by manipulating a previously approved model context protocol configuration. Once a developer approved a configuration file for an MCP server, any future changes to that file could be executed without further prompts.