📦 Cherry Studio

by Cherry Ai

🔍 What is Cherry Studio?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2025-61929

CRITICAL CVSS 9.6 Oct 10, 2025

CVE-2025-61929 is a critical remote code execution vulnerability in Cherry Studio's custom protocol handler. Attackers can craft malicious cherrystudio:// URLs that execute arbitrary commands when cli...

CVE-2025-54074

CRITICAL CVSS 9.8 Aug 13, 2025

Cherry Studio desktop client versions 1.2.5 to 1.5.1 are vulnerable to OS command injection when connecting to malicious MCP servers in HTTP Streamable mode. Attackers can trick users into connecting ...