IT之家 8 月 2 日消息，科技媒体 bleepingcomputer 昨日（8 月 1 日）发布博文，报道称让程序员“氪金”上瘾的 AI 工具 Cursor 存在 CurXecute 严重漏洞，几乎影响所有版本，官方已于 7 月 29 日发布 1.3 版本修复，并敦促开发者尽快升级。 该漏洞追踪编号为 CVE-2025-54135 ...

这篇文章介绍了即梦 MCP 在 AI 作图方面的应用，通过与 Cursor 和 Cherry Studio 的结合，详细讲解了如何利用即梦 MCP 实现 AI 作图自由，并提供了开通即梦 API、配置 MCP server、设置环境变量及客户端的具体步骤，还展示了在不同场景下的应用案例。 最近即梦官方已经 ...

Due to a lack of security checks, attackers can change MCP configurations in the Cursor IDE to execute arbitrary code. In the case of the vulnerability named MCPoison by the security analysts, which ...

A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and can be exploited to execute remote code with developer privileges. The ...

An inherent insecurity in the increasingly popular artificial intelligence (AI)-powered developer environment Cursor allows attackers to take over its browser to deliver credential-stealing attacks.