Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution
Cursor runs a repo-root git.exe when a Windows project opens, enabling code execution as the user. Seven months later, no patch or advisory exists.
More info
