Overview Recently, NSFOCUS CERT detected that HiddenLayer released a vulnerability report disclosing the Cursor remote code execution vulnerability (CVE-2025-62354). Because Cursor's check function for terminal commands in autorun mode has a logical flaw, an unauthenticated attacker can bypass the preset allowlist restrictions by constructing specially crafted malicious input, thereby achieving...
