Check Point researchers discovered a remote code execution vulnerability in Cursor, an AI coding tool, that allowed attackers to alter Model Context Protocol (MCP) configurations without any notification to the user. Cursor addressed the flaw with an update that requires user consent for such modifications. Despite the fix, the incident reveals serious AI supply chain risks: it highlights a fundamental weakness in the trust models of AI development environments, even as the open-source MCP protocol expands connectivity between AI systems.
The flaw exposes a critical weakness in the trust model behind AI-assisted development environments, raising the stakes for teams integrating LLMs and automation into their workflows.
Cursor released an update on July 29 that fixes the issue and requires user approval every time an MCP server entry is modified.
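The fix described above changes the trust model from "approve a server entry once" to "re-approve whenever the entry changes". The following is an added example, not Cursor's code, showing why that distinction matters: a name-only trust check lets an already-approved entry be rewritten without anyone noticing, whereas a content-fingerprint check flags the rewritten entry as needing fresh approval. The config shape (a JSON object with an `mcpServers` map of name to `command`/`args`), the project-level path `.cursor/mcp.json` mentioned in comments, and the sample entries are all assumptions constructed for the example.

```python
"""Approval tracking for MCP server entries (illustrative; not Cursor's code).

Assumed config shape (e.g. a project-level .cursor/mcp.json, path assumed):
    {"mcpServers": {"<name>": {"command": "...", "args": [...]}}}
"""
import hashlib
import json

# Constructed sample: the entry the user originally reviewed and approved.
ORIGINAL_CONFIG = {
    "mcpServers": {
        "docs": {"command": "npx", "args": ["docs-server", "--port", "7000"]},
    }
}

# Constructed sample: the same entry name, but the command has been rewritten
# (here to a harmless placeholder) after approval was granted.
TAMPERED_CONFIG = {
    "mcpServers": {
        "docs": {"command": "echo", "args": ["entry-was-rewritten"]},
    }
}


def entry_fingerprint(entry: dict) -> str:
    """SHA-256 over a canonical JSON encoding of one server entry.

    Key order and whitespace are normalised, so cosmetic edits keep the same
    digest while any change to command, args or other fields changes it.
    """
    canonical = json.dumps(entry, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def name_only_trust(approved_names: set, config: dict) -> list:
    """The weak model: an entry is trusted if its *name* was approved before.

    A rewritten entry that keeps its name is launched without any prompt.
    """
    servers = config.get("mcpServers", {})
    return [name for name in servers if name in approved_names]


class ApprovalStore:
    """The fixed model: trust is bound to the approved *content* of an entry."""

    def __init__(self) -> None:
        self._approved: dict = {}  # server name -> approved fingerprint

    def approve(self, name: str, entry: dict) -> None:
        """Record the user's explicit approval of this exact entry content."""
        self._approved[name] = entry_fingerprint(entry)

    def review(self, config: dict) -> dict:
        """Classify every entry as 'approved', 'new' or 'modified'.

        Only 'approved' entries may start without prompting the user; 'new'
        and 'modified' entries must go back through the consent dialog.
        """
        status = {}
        for name, entry in config.get("mcpServers", {}).items():
            known = self._approved.get(name)
            if known is None:
                status[name] = "new"
            elif known != entry_fingerprint(entry):
                status[name] = "modified"
            else:
                status[name] = "approved"
        return status

    def launchable(self, config: dict) -> list:
        """Names of entries that may be launched without a fresh prompt."""
        return [n for n, s in self.review(config).items() if s == "approved"]


def walkthrough() -> dict:
    """Run both trust models over the constructed before/after configs."""
    store = ApprovalStore()
    store.approve("docs", ORIGINAL_CONFIG["mcpServers"]["docs"])
    return {
        "weak_model_launches": name_only_trust({"docs"}, TAMPERED_CONFIG),
        "fixed_model_status": store.review(TAMPERED_CONFIG),
        "fixed_model_launches": store.launchable(TAMPERED_CONFIG),
    }


if __name__ == "__main__":
    for key, value in walkthrough().items():
        print(f"{key}: {value}")
```

Running the walkthrough shows the name-only model launching the rewritten `docs` entry, while the fingerprint-bound store reports it as `modified` and launches nothing until the user re-approves. Binding trust to the entry's content rather than its name is the essence of the "approval on every modification" behaviour the update introduced.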