The latest releases of the Cursor and Windsurf integrated development environments are vulnerable to more than 94 known and patched security issues in the Chromium browser and the V8 JavaScript engine.
An estimated 1.8 million developers, the user base for the two IDEs, are exposed to the risks.
Ox Security researchers explain that both development environments are built on outdated software that includes old versions of the open-source Chromium browser and Google’s V8 engine.
They say that Cursor and Windsurf rely on old versions of VS Code that include outdated releases of the Electron framework for building cross-platform apps using web technologies (HTML, CSS, JavaScript).
“Since Electron embeds Chromium and V8, this means the IDEs rely on outdated Chromium and V8 engines, exposing them to vulnerabilities that have already been patched in newer versions,” the researchers say in a report shared with BleepingComputer.
The researchers say that Cursor and Windsurf are vulnerable to at least 94 vulnerabilities present in the Chromium builds they use.
Despite the security issue being disclosed responsibly since October 12, the risks are still present as Cursor considered the report “out of scope” and Windsurf did not respond.
Chrome risks in the IDE
Cursor and Windsurf are AI-powered code editors forked from Visual Studio Code. They integrate large language models (LLMs) to help developers write software more easily and quickly.
They are distributed as Electron apps, meaning an application runtime that packages a specific Chromium build for rendering web content and includes the browser’s V8 JavaScript engine in the binary.
The specific Electron release pins a Chromium + V8 version, and if the vendor does not upgrade it, flaws fixed in each subsequent release become exploitable risks in the IDE.
Ox Security demonstrated that it is possible to exploit the Maglev JIT integer overflow described in CVE-2025-7656 through a deeplink, which launches Cursor and injects a prompt instructing its browser to visit a remote URL hosting an exploit payload.
The remote page serves JavaScript that triggers CVE-2025-7656 exploitation, causing denial of service by crashing the renderer.
Nir Zadok and Moshe Siman Tov Bustan of Ox Security demonstrated their findings by targeting Cursor IDE with an exploit for CVE-2025-7656, an integer overflow vulnerability in Google Chrome’s V8 engine fixed on July 15.
The proof-of-concept exploit caused Cursor to enter a denial-of-service condition (crash), which the researchers showed in a video.
However, Ox Security notes that arbitrary code execution would be possible in real-world attacks.
An adversary would have multiple options to trigger the vulnerability. The researchers say that an attacker could use a malicious extension to trigger the exploit or inject the exploit code into documentation and tutorials.
Hackers could also rely on classic phishing attacks or leverage poisoned repositories by planting malicious code in README files that are previewed in the IDE.
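A defender-side check for the pinning problem described above, as an added example that is not from Ox Security's report or from either vendor: it parses the text of a VS Code-style About dialog and compares the bundled Chromium build numerically against a minimum build. The About text layout, the function names and the baseline value are assumptions; the IDE version and Chromium build in the sample are the ones quoted in this article.

```javascript
// Added example (not from the report): flag an Electron-based IDE whose
// bundled Chromium is older than the build your patch policy requires.

// Parse "Key: value" lines as copied from a VS Code-style About dialog
// (layout assumed) into an object with lower-cased keys.
function parseAbout(text) {
  const fields = {};
  for (const line of text.split(/\r?\n/)) {
    const m = line.match(/^\s*([A-Za-z][\w. ]*?)\s*:\s*(\S.*?)\s*$/);
    if (m) fields[m[1].toLowerCase()] = m[2];
  }
  return fields;
}

// Compare dotted versions numerically, component by component (-1, 0, 1).
// A plain string comparison would rank 132.0.6834.210 below 132.0.6834.90.
function compareVersions(a, b) {
  const parse = (v) => {
    if (!/^\d+(\.\d+)*$/.test(v)) throw new Error(`not a dotted version: ${v}`);
    return v.split(".").map(Number);
  };
  const pa = parse(a), pb = parse(b);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Classify one install against the minimum acceptable Chromium build.
function auditIde(aboutText, minChromium) {
  const f = parseAbout(aboutText);
  if (!f.chromium) return { status: "unknown", reason: "no Chromium line" };
  const behind = compareVersions(f.chromium, minChromium) < 0;
  return { status: behind ? "outdated" : "ok", ide: f.version || null,
           chromium: f.chromium, minChromium };
}

// Constructed sample: IDE version and Chromium build are the ones quoted in
// this article; the OS line is made up.
const SAMPLE_ABOUT = `Version: 0.47.9
Chromium: 132.0.6834.210
OS: Linux x64`;

// Placeholder baseline, not a real advisory value: substitute your own.
const MIN_CHROMIUM = "999.0.0.0";

console.log(auditIde(SAMPLE_ABOUT, MIN_CHROMIUM));
```

An install that returns `unknown` should be treated as unverified rather than as passing.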
Ox Security notes that the exploit does not work on the latest VS Code, which is regularly updated and addresses all known bugs.
Upon receiving the proof-of-concept exploit, Cursor dismissed the report, saying that self-inflicted DoS is out of scope.
But the researchers noted that this stance ignores the more severe exploitation potential of the flaw, including memory-corruption primitives, and even the broader set of unpatched CVEs in the Electron apps used.
“Since their last Chromium update on 2025-03-21 for version 0.47.9 since Chromium 132.0.6834.210 was out, at least 94 known CVEs have been published. We’ve weaponized just one. The attack surface is huge,” explains Ox Security.
BleepingComputer has contacted both Cursor and Windsurf asking for a comment on Ox Security’s report, but we have not heard back by publication time.