{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T10:59:33.042","vulnerabilities":[{"cve":{"id":"CVE-2025-61929","sourceIdentifier":"security-advisories@github.com","published":"2025-10-10T20:15:38.613","lastModified":"2025-12-04T17:47:27.223","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Cherry Studio is a desktop client that supports for multiple LLM providers. Cherry Studio registers a custom protocol called `cherrystudio://`. When handling the MCP installation URL, it parses the base64-encoded configuration data and directly executes the command within it. In the files `src/main/services/ProtocolClient.ts` and `src/main/services/urlschema/mcp-install.ts`, when receiving a URL of the `cherrystudio://mcp` type, the `handleMcpProtocolUrl` function is called for processing. If an attacker crafts malicious content and posts it on a website or elsewhere (there are many exploitation methods, such as creating a malicious website with a button containing this malicious content), when the user clicks it, since the pop-up window contains normal content, the direct click is considered a scene action, and the malicious command is directly triggered, leading to the user being compromised. As of time of publication, no known patched versions exist."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cherry-ai:cherry_studio:*:*:*:*:*:*:*:*","versionEndExcluding":"1.6.4","matchCriteriaId":"01C7A7C2-CD82-4518-97CA-BC52A4D22C9F"}]}]}],"references":[{"url":"https://github.com/CherryHQ/cherry-studio/security/advisories/GHSA-hh6w-rmjc-26f6","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]}]}}]}