All 4 CVE vulnerabilities found in cherry-studio, with AI-generated Chinese analysis, references, and POCs.
Vendor: CherryHQ
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-61929 | Cherry Studio allows one-click on a specific URL to cause a command to execute CWE-94 | 9.7 | Critical | 2025-10-10 |
| CVE-2025-54382 | Cherry Studio RCE Vulnerability Disclosure CWE-78 | 9.7 | Critical | 2025-08-13 |
| CVE-2025-54074 | Cherry Studio is Vulnerable to OS Command Injection during Connection with a Malicious MCP Server CWE-78 | 8.8AI | HighAI | 2025-08-13 |
| CVE-2025-54063 | Cherry Studio One-click Remote Code Execution Vulnerability through Custom URL Handling CWE-94 | 8.0 | High | 2025-08-11 |
All 4 known CVE vulnerabilities affecting cherry-studio with full Chinese analysis, references, and POCs where available.