CVE-2025-54133

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/cursor/cursor/security/advisories/GHSA-r22h-5wp2-2wfv", "name": "https://github.com/cursor/cursor/security/advisories/GHSA-r22h-5wp2-2wfv", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Cursor is a code editor built for programming with AI. In versions 1.17 through 1.2, there is a UI information disclosure vulnerability in Cursor's MCP (Model Context Protocol) deeplink handler, allowing attackers to execute 2-click arbitrary system commands through social engineering attacks. When users click malicious `cursor://anysphere.cursor-deeplink/mcp/install` links, the installation dialog does not show the arguments being passed to the command being run. If a user clicks a malicious deeplink, then examines the installation dialog and clicks through, the full command including the arguments will be executed on the machine. This is fixed in version 1.3."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-78"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-54133", "ASSIGNER": "security-advisories@github.com"}}, "impact": {}, "publishedDate": "2025-08-02T00:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-02T00:15Z"}