Cyata Flags Cursor Remote Code Execution Risk

Cyata Security reported today a critical remote code execution vulnerability (CVE-2025-64106, severity 8.8) in Cursor Inc.’s IDE that affected Model Context Protocol installation flows and could allow arbitrary command execution. Cyata disclosed the flaw and Cursor patched it within two days; the issue highlights risks in agentic AI tool integration where trusted installation dialogs and deep-link handling can be abused.
Key Points
- 1Identify critical RCE (CVE-2025-64106) in Cursor's MCP installer, rated 8.8 severity
- 2Expose how MCP deep-link trust failures enable UI deception and arbitrary command execution during tool setup
- 3Warn developers to treat installation flows as security boundaries when integrating agentic AI and external tools
Scoring Rationale
High practical impact due to critical RCE and quick patching; limited industry-wide effect beyond MCP adopters.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems

