{"vulnerability": "cve-2025-54136", "sightings": [{"uuid": "11a6ff4b-0440-4de8-ae8c-e7d85e1e7cc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lvpo364rrw2r", "content": "", "creation_timestamp": "2025-08-06T07:08:34.840387Z"}, {"uuid": "53263f82-f608-44b2-a020-e1a3948f1cc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/114981709495083968", "content": "", "creation_timestamp": "2025-08-06T12:00:51.643198Z"}, {"uuid": "e29c20cc-0c4c-4aa6-8fd6-7fe5d43ba4ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://bsky.app/profile/cti-news.bsky.social/post/3lvnrhfhdms26", "content": "", "creation_timestamp": "2025-08-05T13:03:46.930932Z"}, {"uuid": "7d6e8681-4c5f-43eb-beff-5154cb93aa79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://bsky.app/profile/LLMs.activitypub.awakari.com.ap.brid.gy/post/3lvnw7fadh6k2", "content": "", "creation_timestamp": "2025-08-05T14:32:37.482708Z"}, {"uuid": "add09c89-5d72-48ad-9501-4d92f7629389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://bsky.app/profile/LLMs.activitypub.awakari.com.ap.brid.gy/post/3lvnx2jh6sp22", "content": "", "creation_timestamp": "2025-08-05T14:46:35.149976Z"}, {"uuid": "44b35679-b748-4668-b1f1-43877e154f68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lvo3gd7mcp2i", "content": "", "creation_timestamp": "2025-08-05T16:02:07.969293Z"}, {"uuid": "b4754608-b249-40a6-8817-26c838e34d49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lvo5fvan4k2h", "content": "", "creation_timestamp": "2025-08-05T16:37:43.394412Z"}, {"uuid": "960177f6-3c78-4b31-b060-f0dd1db52a9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://thehackernews.com/2025/08/cursor-ai-code-editor-vulnerability.html", "content": "", "creation_timestamp": "2025-08-05T11:01:00.000000Z"}, {"uuid": "5f3ab69f-9938-4828-89d2-ec315f43207d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lvoujqir6o2a", "content": "", "creation_timestamp": "2025-08-05T23:31:26.500041Z"}, {"uuid": "0ed7da81-5532-46b0-833f-41a60bda42cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "published-proof-of-concept", "source": "https://t.me/cKure/15169", "content": "\ud83d\udc69\u200d\ud83d\udcbb \ud83d\udcf1 CVE-2025-54136 \u2013  MCPoison Cursor IDE: Persistent Code Execution via MCP Trust Bypass.\n\nhttps://research.checkpoint.com/2025/cursor-vulnerability-mcpoison/", "creation_timestamp": "2025-08-05T19:10:10.000000Z"}, {"uuid": "a68e5f6c-6f4e-4200-819a-24478427142c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3lvuoy232du25", "content": "", "creation_timestamp": "2025-08-08T07:08:01.618599Z"}, {"uuid": "371ddfc4-9a8a-4540-b127-4a5323958869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-54136", "type": "seen", "source": "https://bsky.app/profile/flarestart.bsky.social/post/3mgajjp2g4n22", "content": "", "creation_timestamp": "2026-03-04T14:45:35.078465Z"}, {"uuid": "d6b00545-a4fc-47aa-9fa1-371107a5d7a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://threatintel.cc/2025/08/06/cve-mcpoison-cursor-ide-persistent.html", "content": "", "creation_timestamp": "2025-08-06T10:00:44.000000Z"}, {"uuid": "6e707827-5a73-41e1-92bf-8fc7563abb6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://bsky.app/profile/hasamba72.bsky.social/post/3mkl4nscgnc2l", "content": "", "creation_timestamp": "2026-04-28T17:35:17.635113Z"}, {"uuid": "625e78e2-3c05-49a9-aa11-b6fc09719944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/7284", "content": "\ud83d\udea8 A high-severity flaw in Cursor AI (CVE-2025-54136) let attackers hijack trusted MCP configs\u2014triggering remote code execution every time you opened the project.\n\nNo re-prompt. No warning. Just silent compromise by modifying a config file you already trusted.\n\nLearn more \u2192 https://thehackernews.com/2025/08/cursor-ai-code-editor-vulnerability.html", "creation_timestamp": "2025-08-05T13:03:45.000000Z"}, {"uuid": "c4cd2de0-2431-4c1a-a580-856c29bc496c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/567", "content": "Top Security News for Today\n\nSurveilling Your Children with AirTags  \nhttps://www.schneier.com/blog/archives/2025/08/surveilling_your_children_with_airtags.html\n\nHTTP Request Smuggling Explained: with seasoned bug bounty hunter NahamSec and world-class researcher James Kettle  \nhttps://portswigger.net/blog/http-request-smuggling-explained-with-seasoned-bug-bounty-hunter-nahamsec-and-world-class-researcher-james-kettle\n\n3 Custom VT-x Hypervisors in C \u2013 EPT Cloaking, CPUID/MSR Spoofing &amp; VMX Control  \nhttps://www.reddit.com/r/lowlevel/comments/1mi5txt/3_custom_vtx_hypervisors_in_c_ept_cloaking/\n\nDutch Caribbean islands respond to cyberattacks on courts, tax departments  \nhttps://therecord.media/aruba-curacao-governments-cyberattacks\n\nCVE-2025-54136 \u2013 MCPoison Cursor IDE: Persistent Code Execution via MCP Trust Bypass  \nhttps://research.checkpoint.com/2025/cursor-vulnerability-mcpoison/\n\nTaiwan\u2019s TSMC fires engineers over suspected theft of semiconductor secrets  \nhttps://therecord.media/tsmc-fires-engineers-over-semiconductor-secrets-theft\n\nVietnamese-speaking hackers appear to be running global data theft operation through Telegram  \nhttps://therecord.media/pxa-infostealer-telegram-bots-vietnamese-speaking-hackers\n\nOdooMap - A Pentesting Tool for Odoo Applications  \nhttps://www.reddit.com/r/netsec/comments/1micsmu/odoomap_a_pentesting_tool_for_odoo_applications/\n\nElevate your protection with expanded Microsoft Defender Experts coverage  \nhttps://techcommunity.microsoft.com/blog/microsoftsecurityexperts/elevate-your-protection-with-expanded-microsoft-defender-experts-coverage/4439134\n\nBipartisan Senate duo wants answers from UnitedHealth over Episource data breach  \nhttps://therecord.media/episource-data-breach-questions-senators-cassidy-hassan\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-08-06T09:30:20.000000Z"}, {"uuid": "4ed092db-95a6-4a64-8bc1-eeda0622d4b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "published-proof-of-concept", "source": "Telegram/xqO0_PWLKtVwwojJCjCsYYBEBGCE-dt2EY-S6CjM_MXq4w", "content": "", "creation_timestamp": "2025-08-05T16:50:01.000000Z"}, {"uuid": "41cfb9c8-73c9-443b-bd69-ea73d618e8b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54136", "type": "seen", "source": "https://t.me/ctinow/235987", "content": "CVE-2025-54136 \u2013\u00a0 MCPoison Cursor IDE: Persistent Code Execution via MCP Trust Bypass\nhttps://ift.tt/XfQd1mH", "creation_timestamp": "2025-08-05T13:05:09.000000Z"}]}