CVE-2026-13524 - Vulnerability Details

Description

A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP OAuth Local Callback Server. The manipulation of the argument code leads to improper authorization. The attack can be initiated remotely. The attack is considered to have high complexity. It is stated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance.

Published: 2026-06-29

Score: 6.3 Medium

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

This vulnerability arises from improper handling of the 'code' argument in the MCP OAuth Local Callback Server endpoint of CherryHQ cherry-studio. Manipulating the argument enables an attacker to bypass normal authorization checks, granting unauthorized access to protected resources and potentially exposing sensitive information or enabling further malicious actions. The weakness is a classic example of improper authorization (CWE-266/CWE-285).

Affected Systems

Vulnerable versions are cherry-studio 1.9.6 and earlier. The issue resides in src/main/services/mcp/oauth/callback.ts. Systems running these versions are at risk; newer releases or patched code are not affected.

Risk and Exploitability

The vulnerability scores a CVSS of 6.3, reflecting moderately high severity. EPSS data is unavailable, so the current exploitation probability cannot be precisely quantified, but the public disclosure and the existence of a remote attack vector raise concern. No listing in CISA KEV indicates no known large-scale exploit, yet the high complexity and difficulty of exploitation suggest that attacks would require specialized knowledge. Administrators should treat it as a medium threat until an official fix is released.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

CherryHQ

cherry-studio

affected

Version	Status	Constraints
`1.9.0`	affected	—
`1.9.1`	affected	—
`1.9.2`	affected	—
`1.9.3`	affected	—
`1.9.4`	affected	—
`1.9.5`	affected	—
`1.9.6`	affected	—

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade cherry-studio to a version that includes the MCP OAuth Local Callback Server fix once the pull request is merged and released.
If an upgrade is not immediately possible, disable or restrict access to the MCP OAuth Local Callback Server endpoint to prevent remote exploitation.
Implement additional request validation on the 'code' parameter to enforce strict formatting and origin checks, reducing the risk of manipulation.
Monitor authentication logs for anomalous callback activity and apply security hardening measures such as rate limiting or IP whitelisting.

Generated by OpenCVE AI on June 29, 2026 at 03:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity High

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://github.com/CherryHQ/cherry-studio/
https://github.com/CherryHQ/cherry-studio/issues/15372
https://github.com/CherryHQ/cherry-studio/pull/15388
https://vuldb.com/cve/CVE-2026-13524
https://vuldb.com/submit/840175
https://vuldb.com/vuln/374532
https://vuldb.com/vuln/374532/cti

History

Mon, 29 Jun 2026 02:30:00 +0000

Type	Values Removed	Values Added
Description		A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP OAuth Local Callback Server. The manipulation of the argument code leads to improper authorization. The attack can be initiated remotely. The attack is considered to have high complexity. It is stated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance.
Title		CherryHQ cherry-studio MCP OAuth Local Callback Server callback.ts improper authorization
First Time appeared		Cherryhq Cherryhq cherry-studio
Weaknesses		CWE-266 CWE-285
CPEs		cpe:2.3:a:cherryhq:cherry-studio::::::::
Vendors & Products		Cherryhq Cherryhq cherry-studio
References		https://github.com/CherryHQ/cherry-studio/ https://github.com/CherryHQ/cherry-studio/issues/15372 https://github.com/CherryHQ/cherry-studio/pull/15388 https://vuldb.com/cve/CVE-2026-13524 https://vuldb.com/submit/840175 https://vuldb.com/vuln/374532 https://vuldb.com/vuln/374532/cti
Metrics		cvssV2_0 `{'score': 5.1, 'vector': 'AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 5.6, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 5.6, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Cherryhq Cherry-studio

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-06-29T01:45:08.988Z

Updated: 2026-06-29T01:45:08.988Z

Reserved: 2026-06-28T07:50:21.081Z

Link: CVE-2026-13524

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-29T04:00:05Z

Weaknesses

CWE-266
Incorrect Privilege Assignment
CWE-285
Improper Authorization

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity High

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object