Cursor

AI Agent Reliability Report

6.1
Avg Severity /10
5
Total Incidents
2
Critical
0
High

Failure Modes

Security Vulnerability 1
Destructive Action 1
Infinite Loop 1
Scope Explosion 1
Hallucination 1

Root Causes

Scope Misunderstanding 2
Tool Misuse 1
Pattern Matching Error 1
Confidence Miscalibration 1

Frequently Asked Questions

Is Cursor reliable?

Based on 5 documented incidents, Cursor has an average failure severity of 6.1/10. 2 incidents were rated critical and 0 were rated high severity. Common failure modes include security vulnerability.

What are the most common Cursor failures?

The most frequently documented Cursor failure modes are: security vulnerability (1 incidents), destructive action (1 incidents), infinite loop (1 incidents). These failures range from critical to high severity.

How many Cursor AI failures have been documented?

StupidLLM has documented 5 Cursor AI agent failures. Each incident is severity-scored on a 0-10 scale, verified against source evidence, and categorized by failure mode and root cause.

All Cursor Incidents

STUPID-2026-0029 10/10 CRITICAL security vulnerability Verified

Malicious cloned repository triggered code execution in Cursor on Windows

A vulnerability disclosed in July 2026 allowed a malicious cloned repository to trigger code execution in the Cursor editor on Windows. Reviewing untrusted code by cloning and open

STUPID-2026-0025 10/10 CRITICAL destructive action Verified

Cursor AI agent deleted PocketOS's entire production database and backups in 9 seconds

On April 25, 2026, an AI coding agent running in Cursor and powered by Anthropic's Claude Opus 4.6 deleted the entire production database of PocketOS, an automotive SaaS platform f

STUPID-2026-0002 4.1/10 MEDIUM infinite loop Verified

Cursor entered infinite edit loop burning $200 in API costs

While fixing a CSS layout issue, Cursor Agent got stuck in a loop: it would edit a Tailwind class, see the lint warning about the previous class it removed, re-add it, see the orig

STUPID-2026-0009 3.6/10 LOW scope explosion Verified

Cursor Agent rewrote entire file instead of making targeted edit

Asked to fix a single typo in a 2000-line configuration file, Cursor Agent decided to 'improve' the entire file. It reformatted all YAML, reordered keys alphabetically, removed com

STUPID-2026-0036 2.9/10 LOW hallucination Verified

Cursor's own support AI 'Sam' invented a one-device login policy, triggering subscription cancellations

In April 2025, Cursor users began getting unexpectedly logged out — caused by a session-management race condition on slow connections. When they contacted support, Cursor's AI supp