cvebase

Cherry-Ai Cherry Studio vulnerabilities

4 known vulnerabilities affecting cherry-ai/cherry_studio.

Total CVEs: 4
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 1

Vulnerabilities

CVE-2025-54074 | Priority P2 | CRITICAL | CVSS 9.8 | CWE-78 | Affected: ≥ 1.2.5, < 1.5.2 | 2025-08-13
Cherry Studio is a desktop client that supports multiple LLM providers. From versions 1.2.5 to 1.5.1, Cherry Studio is vulnerable to OS Command Injection during a connection with a malicious MCP server in HTTP Streamable mode. Attackers can set up a malicious MCP server with compatible OAuth authorization server endpoints and trick victims into
Source: NVD
CVE-2025-54382 | Priority P2 | HIGH | CVSS 8.8 | CWE-78 | Fixed in 1.5.2 | 2025-08-13
Cherry Studio is a desktop client that supports multiple LLM providers. In version 1.5.1, a remote code execution (RCE) vulnerability exists in the Cherry Studio platform when connecting to streamableHttp MCP servers. The issue arises from the server's implicit trust in the OAuth auth redirection endpoints and failure to properly sanitize the URL.
Source: NVD
CVE-2025-54063 | Priority P2 | CRITICAL | CVSS 9.6 | CWE-94 | Affected: ≥ 1.4.8, < 1.5.1 | 2025-08-11
Cherry Studio is a desktop client that supports multiple LLM providers. From versions 1.4.8 to 1.5.0, there is a one-click remote code execution vulnerability through the custom URL handling. An attacker can exploit this by hosting a malicious website or embedding a specially crafted URL on any website. If a victim clicks the exploit link in th
Source: NVD
CVE-2025-61929 | Priority P3 | CRITICAL | CVSS 9.6 | CWE-94 | Fixed in 1.6.4 | 2025-10-10
Cherry Studio is a desktop client that supports multiple LLM providers. Cherry Studio registers a custom protocol called `cherrystudio://`. When handling the MCP installation URL, it parses the base64-encoded configuration data and directly executes the command within it. In the files `src/main/services/ProtocolClient.ts` and `src/main/services/
Source: NVD