CVE-2025-36730

Summary

A prompt injection vulnerability exists in Windsurft version 1.10.7 in Write mode using SWE-1 model.

It is possible to create a file name that will be appended to the user prompt causing Windsurf to follow its instructions.

Affected Software

VendorProductVersion RangeStatus
WindsurfWindsurf1.10.7affected

Weaknesses

  • CWE-1427: CWE-1427: Improper Neutralization of Input Used for LLM Prompting

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References