Cursor git.exe vulnerability

Jul
16
Cursor can run a repository's `git.exe`. It says the repo is the trust boundary

Cursor can run a repository's `git.exe`. It says the repo is the trust boundary

Mindgard reported Cursor's git.exe code execution flaw in December 2025. Seven months later, Cursor calls it out of scope and points to Workspace Trust.
4 min read