Anysphere (Cursor)

Organization

Entity Summary

Entity ID: ENT-ANYSPHERECUR
Type: Organization

Roles: Developer
Sectors: —
Incidents: 1

First Incident: 2026-01

Incident Activity

Incidents Involved as Developer/Deployer (1)

Incident ID	Title	Description	Severity	Date
INC-26-0022	Cursor AI Code Editor Shell Built-In Allowlist Bypass Enables Zero-Click RCE	Pillar Security disclosed CVE-2026-22708 in the Cursor AI code editor, where shell built-in commands such as 'export'…	high	2026-01

Context & Analysis

Anysphere (Cursor) appears in 1 documented incident spanning January 2026. 100% of incidents are rated critical or high severity. The dominant threat domain is Security & Cyber (1 incident). The most common pattern is Prompt Injection Attack, appearing in 1 incident.

Threat Domains

Security & Cyber (1)

Top Threat Patterns

Prompt Injection Attack (1) Tool Misuse & Privilege Escalation (1)

Frequently Asked Questions

What AI incidents involve Anysphere (Cursor), and what role did it play?

Anysphere (Cursor) appeared as developer in 1 incident. Key incidents include: INC-26-0022 Cursor AI Code Editor Shell Built-In Allowlist Bypass Enables Zero-Click RCE (high severity, 2026-01) .

Which AI threat patterns involve Anysphere (Cursor)?

Anysphere (Cursor)'s incidents involve Prompt Injection Attack , Tool Misuse & Privilege Escalation . These are part of a taxonomy of 49 patterns across 8 domains.

Use in Retrieval

Anysphere (Cursor) (ENT-ANYSPHERECUR) is documented at /entities/anysphere-cursor/ as an organization in the TopAIThreats.com database.

Incidents span 1 domain: Security & Cyber.

When citing, reference the canonical URL and specific incident IDs (e.g., INC-26-0022) for traceability.