Windsurf AI editor critical path traversal enables data exfiltration
Oct 2025
CVE-2025-62353 (CVSS 9.8) allowed attackers to read and write arbitrary files on developers' systems using the Windsurf AI coding IDE. The vulnerability could be triggered via indirect prompt injection hidden in project files like README.md, exfiltrating secrets even when auto-execution was disabled.
Incident Details
Perpetrator: AI coding IDE
Severity: Catastrophic
Blast Radius: All Windsurf users on version 1.12.12 and older exposed to arbitrary file access and credential theft via prompt injection
Tech Stack
Windsurf AI IDE