Cherry Studio 代码注入漏洞

Cherry Studio is a multi-model AI assistant from China's Thousand Comets Cherry Studio. A code injection vulnerability exists in Cherry Studio, which stems from the direct execution of commands in base64-encoded configuration data when processing URLs of type cherrystudio://mcp, which could lead ...