CVE-2025-54132 | Cursor up to 1.2 Mermaid server-side request forgery (GHSA-43wj-mwcc-x93p / EUVD-2025-23407)
A vulnerability labeled as critical has been found in Cursor up to 1.2. This impacts an unknown function of the component Mermaid. Executing manipulation can lead to server-side request forgery.
This vulnerability is registered as CVE-2025-54132. It is possible to launch the attack remotely. No exploit is available.
The affected component should be upgraded.