1372 matches found
CVE-2025-54074
Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.2.5 to 1.5.1, Cherry Studio is vulnerable to OS Command Injection during a connection with a malicious MCP server in HTTP Streamable mode. Attackers can setup a malicious MCP server with compatible OAuth...
CVE-2025-54382
Cherry Studio is a desktop client that supports for multiple LLM providers. In version 1.5.1, a remote code execution RCE vulnerability exists in the Cherry Studio platform when connecting to streamableHttp MCP servers. The issue arises from the server’s implicit trust in the oauth auth redirecti...
Malicious code in cherry-tiger-sjw894-project (npm)
The package cherry-tiger-sjw894-project was found to contain malicious code...
Malicious code in orange-cherry-vrym (npm)
The package orange-cherry-vrym was found to contain malicious code...
Malicious code in project-7br4s-cherry (npm)
The package project-7br4s-cherry was found to contain malicious code...
Malicious code in cherry-oscar-mlhc (npm)
The package cherry-oscar-mlhc was found to contain malicious code...
Malicious code in grape-cherry-fedo (npm)
The package grape-cherry-fedo was found to contain malicious code...
Malicious code in jalapeno-cherry-k98i (npm)
The package jalapeno-cherry-k98i was found to contain malicious code...
Malicious code in cherry-delta-catv (npm)
The package cherry-delta-catv was found to contain malicious code...
Malicious code in banana-cherry-orange-aholr (npm)
The package banana-cherry-orange-aholr was found to contain malicious code...
Malicious code in zucchini-watermelon-cherry-zmnum (npm)
The package zucchini-watermelon-cherry-zmnum was found to contain malicious code...
Malicious code in project-ibxg0-cherry (npm)
The package project-ibxg0-cherry was found to contain malicious code...
Malicious code in quebec-cherry-orange-kjngy (npm)
The package quebec-cherry-orange-kjngy was found to contain malicious code...
Malicious code in cherry-hotel-byxb (npm)
The package cherry-hotel-byxb was found to contain malicious code...
Malicious code in cherry-watermelon-yankee-flaox (npm)
The package cherry-watermelon-yankee-flaox was found to contain malicious code...
Malicious code in uniform-cherry-ukvf (npm)
The package uniform-cherry-ukvf was found to contain malicious code...
Malicious code in cherry-inferno-yqot (npm)
The package cherry-inferno-yqot was found to contain malicious code...
Malicious code in cherry-honeydew-yankee-rlbya (npm)
The package cherry-honeydew-yankee-rlbya was found to contain malicious code...
Malicious code in cherry-kilo-whiskey-kchbb (npm)
The package cherry-kilo-whiskey-kchbb was found to contain malicious code...
Malicious code in cherry-vve-project (npm)
The package cherry-vve-project was found to contain malicious code...