Cursor-built apps were the most secure in our 100-app study — but "most secure" still meant 18% had critical vulnerabilities and 64% had high-severity issues. Cursor gives you more control, which helps. It also means the security gaps are subtler and easier to miss in code review.
Cursor users are typically more technical than users of no-code platforms. The code quality is higher. But AI-assisted development introduces a specific class of risk: the AI suggests patterns that look correct in isolation but create security gaps in the full application context.
Cursor frequently generates Next.js middleware as the sole authentication layer. This pattern was directly exploitable via CVE-2025-29927, where a single HTTP header bypassed all middleware checks — authentication, authorization, CSP, rate limiting.
CVE-2025-29927 affected every Next.js version from 11.x through 15.x with a CVSS score of 9.1 (Critical). The fix is defense in depth: add server-side auth checks in route handlers and server components, not just middleware.
Cursor suggests packages based on its training data. Some of those suggestions include outdated versions with known vulnerabilities. The AI does not check whether a package has published CVEs before recommending it.
This is an inherited risk — the vulnerability exists in a dependency, not in your code. But it is your app that gets exploited. Regular npm audit checks catch the obvious cases, but transitive dependencies often slip through.
Cursor generates code one completion at a time. Each suggestion is locally correct but may introduce security gaps in the broader context — string concatenation in SQL queries, client-side auth checks, overly permissive CORS configurations.
In our study, 33% of vibe-coded apps had SQL or NoSQL injection points. The rate was lower in apps using ORMs like Prisma or Drizzle, but Cursor sometimes generates raw SQL when asked for specific queries.
Cursor-built apps often deploy without Content Security Policy, X-Frame-Options, or Strict-Transport-Security headers. The AI generates application logic but rarely configures deployment security.
47% of the 100 apps we tested were missing basic security headers. Cursor apps benefited somewhat from Vercel deployment defaults when hosted there, but many Cursor projects deploy elsewhere without those defaults.
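The three headers named above, expressed the way a Next.js headers() config returns them, alongside the check a scanner runs against a live response. This is an added example, not code from Flowpatrol or Next.js; the header values are assumed conservative defaults, and the "/(.*)" source pattern is the catch-all route matcher Next.js documents.

```typescript
// Added example (not Flowpatrol's or Next.js's code). Header values are an
// assumed conservative baseline; tune CSP to what the app actually loads.
const REQUIRED_SECURITY_HEADERS: Record<string, string> = {
  "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'",
  "X-Frame-Options": "DENY",
  "Strict-Transport-Security": "max-age=63072000; includeSubDomains",
};

interface HeaderRule { source: string; headers: { key: string; value: string }[] }

// Build the array that `async headers()` in next.config.js returns,
// applying the baseline to every route.
function securityHeadersConfig(): HeaderRule[] {
  return [{
    source: "/(.*)",
    headers: Object.entries(REQUIRED_SECURITY_HEADERS).map(([key, value]) => ({ key, value })),
  }];
}

// Scanner side: given the response headers of a deployed page, list which
// required headers are absent. Names are compared case-insensitively.
function missingSecurityHeaders(responseHeaders: Record<string, string>): string[] {
  const present = new Set(Object.keys(responseHeaders).map((h) => h.toLowerCase()));
  return Object.keys(REQUIRED_SECURITY_HEADERS).filter((h) => !present.has(h.toLowerCase()));
}

// Flatten a header config back into a response-style header map so the
// config can be checked with the same scanner logic.
function headersFromConfig(rules: HeaderRule[]): Record<string, string> {
  const out: Record<string, string> = {};
  for (const rule of rules) {
    for (const h of rule.headers) out[h.key.toLowerCase()] = h.value;
  }
  return out;
}

// Constructed sample: what a default deployment outside Vercel tends to send
const SAMPLE_BARE_RESPONSE: Record<string, string> = {
  "content-type": "text/html; charset=utf-8",
  "x-powered-by": "Next.js",
};
```

Running missingSecurityHeaders on the constructed bare response reports all three headers; running it on the flattened config reports none, which is the check worth adding to a deployment smoke test.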
With platforms like Lovable, the security gaps are systematic and obvious — RLS (row-level security) is off on every table. With Cursor, the issues are more nuanced. Each AI-generated code completion is locally reasonable. The vulnerability emerges from the interaction between components that were generated separately.
For example, Cursor might generate a middleware.ts file that correctly checks authentication. It might also generate an API route that fetches user data. Both look fine in isolation. But if the API route does not independently verify auth — relying entirely on middleware — then any middleware bypass (like CVE-2025-29927) gives unauthenticated access to all user data.
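The middleware-only pattern described here and in the CVE-2025-29927 discussion above, next to a route handler that re-checks the session itself, as an added example that is not Flowpatrol's or Next.js's code. The request shape, session table and user records are constructed stand-ins for a real session store, and the bypass is modelled simply as a request that reaches the handler without middleware having run.

```typescript
// Added example (not Flowpatrol's or Next.js's code). Request/response types
// and the session and user tables are constructed stand-ins.
interface Req { headers: Record<string, string>; params: { id: string } }
interface Res { status: number; body: unknown }
type Handler = (req: Req) => Res;

// Constructed data: a session table standing in for real session/JWT verification
const SESSIONS: Record<string, { userId: string }> = { sess_abc: { userId: "u1" } };
const USERS: Record<string, { id: string; email: string }> = {
  u1: { id: "u1", email: "alice@example.com" },
  u2: { id: "u2", email: "bob@example.com" },
};

// Parse the session cookie and resolve it against the store
function getSession(req: Req): { userId: string } | null {
  const cookie = req.headers["cookie"] ?? "";
  const m = /(?:^|;\s*)session=([^;]+)/.exec(cookie);
  if (!m) return null;
  return SESSIONS[m[1]] ?? null;
}

// The pattern the page describes: middleware.ts is the only place auth is checked
function authMiddleware(req: Req, next: Handler): Res {
  if (!getSession(req)) return { status: 401, body: { error: "unauthenticated" } };
  return next(req);
}

// Route handler that trusts middleware: correct in isolation, but any request
// that reaches it without middleware having run gets the data
function trustingUserHandler(req: Req): Res {
  return { status: 200, body: USERS[req.params.id] ?? null };
}

// Defense in depth: the handler verifies the session on its own and also
// checks that the caller owns the record it is asking for
function hardenedUserHandler(req: Req): Res {
  const session = getSession(req);
  if (!session) return { status: 401, body: { error: "unauthenticated" } };
  if (session.userId !== req.params.id) return { status: 403, body: { error: "forbidden" } };
  return { status: 200, body: USERS[req.params.id] ?? null };
}

// Simulate both paths: the normal one through middleware, and a request that
// reaches the handler directly, which is what a middleware bypass amounts to
function dispatch(req: Req, handler: Handler, viaMiddleware: boolean): Res {
  return viaMiddleware ? authMiddleware(req, handler) : handler(req);
}
```

The same getSession call belongs in server components that read user data, so that no single layer is the only gate; a test that invokes the handler directly, skipping middleware, is the quickest way to catch the trusting version in CI.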
Similarly, Cursor might suggest a Prisma query that is safe against injection, but when you ask it for a custom SQL query, it generates string concatenation instead of parameterized queries. The AI optimizes for the immediate context, not the security posture of the whole application. That is why automated scanning catches things that code review misses — it tests the running app, not individual files.
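Why the concatenated query is the problem and what the parameterized form looks like, as an added example that is not Prisma's or Flowpatrol's code. The sql tag below is a constructed stand-in for a driver's parameterized query API; Prisma's $queryRaw tagged template separates text and values in the same way, while building a string and passing it to $queryRawUnsafe does not. The input O'Brien is chosen because it breaks the concatenated query even without any malicious intent.

```typescript
// Added example (not Prisma's or Flowpatrol's code). `sql` is a constructed
// stand-in for a parameterized query API; nothing here talks to a database.
interface ParamQuery { text: string; values: unknown[] }

// Tag function: literal SQL fragments stay in `text`, each interpolated value
// becomes a positional placeholder ($1, $2, ...) and travels separately
function sql(strings: TemplateStringsArray, ...values: unknown[]): ParamQuery {
  let text = strings[0] ?? "";
  values.forEach((_, i) => {
    text += `$${i + 1}` + (strings[i + 1] ?? "");
  });
  return { text, values };
}

// What the AI tends to produce when asked for a custom query: the input is
// spliced into the SQL text, so a quote in the value changes the statement
function findUserUnsafe(name: string): string {
  return "SELECT id FROM users WHERE name = '" + name + "'";
}

// Parameterized equivalent: the SQL text is fixed, the value is data
function findUserSafe(name: string): ParamQuery {
  return sql`SELECT id FROM users WHERE name = ${name}`;
}

// Review heuristic: if the raw input can be found inside the query text,
// the query was built by concatenation. A parameterized query never matches.
function inputLeaksIntoSql(queryText: string, input: string): boolean {
  return queryText.includes(input);
}
```

Running both on the constructed name O'Brien shows the difference: the concatenated statement ends up with an unbalanced quote, while the parameterized one keeps a constant text and carries the name in its values array.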
Flowpatrol tests the running application, not just the code. It catches the gaps that emerge when individually correct components interact insecurely.
It verifies that authentication is enforced in route handlers and server components, not just middleware, catching the single-layer auth that CVE-2025-29927 exposed as insufficient.
It probes API endpoints with crafted inputs to detect SQL injection, XSS, SSRF, and other injection vulnerabilities that safe-looking code can still produce.
It scans for exposed secrets, misconfigured headers, dependency vulnerabilities, and framework-specific issues across your entire deployed application.
The most common security issues we find in vibe-coded apps, with real examples and fixes.
How one HTTP header bypassed all middleware auth in Next.js — the framework most Cursor apps use.
Why AI models generate injection-vulnerable queries and what safe patterns look like.
How AI generates working CRUD endpoints that miss the ownership check attackers exploit.
Cursor gave you a head start. A five-minute scan tells you what to fix before you launch.