Tag: api key security

1 article

Cluttered developer workstation with laptop, coding tools, and notebook in a bright, neutral office space.

Cursor Flaw Exposes Developer API Keys to Unrestricted Access

A single design flaw in the AI-powered development tool Cursor has been found to expose developer API keys to unrestricted access, earning a high-severity CVSS score of 8.2. This vulnerability stems from Cursor's weak storage design, which stores sensitive authentication data in a locally accessible SQLite database without proper protection.

Analyst 207Apr 29, 2026