Cursor's MCP trust is "approve once, trust forever" — here's a free way to check your config
A security vulnerability, CVE-2025-54136 or "MCPoison," has been identified in Cursor's MCP (Machine Configuration Protocol) server trust mechanism. This flaw allowed for persistent remote code execution if a user approved a malicious MCP server configuration, as Cursor would not re-prompt for subsequent changes. While patched, the underlying issue of trusting configurations indefinitely persists, prompting the development of a free scanner to detect similar vulnerabilities in user configurations. AI
IMPACT Highlights potential security risks in AI development tools and the need for robust configuration management.