Overview
CVE-2026-63093 is a binary planting vulnerability discovered in Cursor for Windows version 3.2.16. The flaw allows a remote attacker to achieve arbitrary code execution on a victim's machine by embedding a malicious git.exe file in the root of a crafted repository.
When a developer clones and opens the repository in Cursor, the IDE automatically resolves git.exe from the repository root rather than from a trusted system path — silently executing attacker-controlled code with the privileges of the current user.
| Field | Detail |
|---|---|
| CVE ID | CVE-2026-63093 |
| CVSS Score | 8.8 (High) |
| Affected Software | Cursor for Windows 3.2.16 |
| Attack Vector | Network (social engineering / repository share) |
| Privileges Required | None |
| User Interaction | Required (clone + open repository) |
| Published | 2026-07-17 |
Technical Details
Binary planting (also known as DLL/EXE hijacking) occurs when an application resolves a dependency by searching relative or attacker-controlled paths before trusted system directories. In this case, Cursor's Git integration uses git.exe without enforcing an absolute, verified path — allowing the current working directory or repository root to shadow the legitimate binary.
Attack chain:
- Attacker crafts a repository containing a malicious
git.exeat the root. - Victim is social-engineered into cloning the repository (e.g., via a link, issue, or collaboration invite).
- Victim opens the cloned folder in Cursor for Windows.
- Cursor automatically invokes
git.exefor version control operations. - The malicious
git.exeexecutes in the context of the victim's user account.
This attack requires no elevated privileges and no special Cursor permissions — only that the victim open the repository in the vulnerable IDE version.
Impact
A successful exploit grants the attacker arbitrary code execution on the developer's workstation with the privileges of the logged-in user. Given that developers typically have access to credentials, SSH keys, cloud tokens, and source code, the blast radius extends well beyond the local machine.
Potential downstream impacts include:
- Credential and token theft (AWS, GitHub, Azure keys stored in environment or config files)
- Lateral movement within corporate networks
- Supply chain compromise if the developer has write access to CI/CD pipelines or package registries
Recommended Actions
- Update Cursor to a patched version above 3.2.16 as soon as one is available from the vendor.
- Audit open repositories — avoid opening untrusted or unreviewed repositories in Cursor until patched.
- Review PATH configuration — ensure system Git is installed in a trusted, non-user-writable location (
C:\Program Files\Git\bin). - Enable Windows Defender ASR rules targeting executable planting in user-writable directories.
- Monitor for unexpected
git.exeprocesses originating outsideProgram Files.