Description
A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Manipulation of the argument state results in authorization bypass. The attack can be initiated remotely. The attack's complexity is rated as high. It is indicated that the exploitability is difficult. The exploit is now public and may be used. The vendor explains that "[m]emory is planned to be removed in v2 version."
Published: 2026-06-29
Score: 2.3 Low
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the sha256 function of src/main/services/memory/MemoryService.ts in CherryHQ cherry-studio allows an attacker to manipulate the state argument and bypass authorization checks. The vulnerability is classified under CWE-285 (Improper Authorization) and CWE-639 (Authorization Bypass Through User-Controlled Key), allowing remote clients to gain unauthorized access to protected operations.

Affected Systems

CherryHQ cherry-studio versions up to and including 1.9.7 are affected. The issue lies in the CherryIN Preload API layer and is present in all releases before 1.9.8.

Risk and Exploitability

The CVSS score of 2.3 indicates low severity, and exploitation is rated as high complexity and considered difficult. Even so, exploit code is publicly available and the attack can be initiated remotely. No EPSS score is provided, and the vulnerability is not listed in the CISA KEV catalog.

Generated by OpenCVE AI on June 29, 2026 at 06:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade cherry-studio to version 2.0 or later once released, the version in which the vendor states the Memory component is planned to be removed, eliminating the affected code
  • Apply network restrictions or firewall rules to limit external access to the CherryIN Preload API endpoint
  • Validate the state parameter and enforce strict authorization checks before it is processed

Advisories

No advisories yet.

History

Mon, 29 Jun 2026 05:30:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Manipulation of the argument state results in authorization bypass. The attack can be initiated remotely. The attack's complexity is rated as high. It is indicated that the exploitability is difficult. The exploit is now public and may be used. The vendor explains that "[m]emory is planned to be removed in v2 version."
Title | | CherryHQ cherry-studio CherryIN Preload API MemoryService.ts sha256 authorization
First Time appeared | | Cherryhq; Cherryhq cherry-studio
Weaknesses | | CWE-285; CWE-639
CPEs | | cpe:2.3:a:cherryhq:cherry-studio:*:*:*:*:*:*:*:*
Vendors & Products | | Cherryhq; Cherryhq cherry-studio
References | |
Metrics (cvssV2_0) | | {'score': 4.6, 'vector': 'AV:N/AC:H/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
Metrics (cvssV3_0) | | {'score': 5, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
Metrics (cvssV3_1) | | {'score': 5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
Metrics (cvssV4_0) | | {'score': 2.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-29T04:15:09.623Z

Reserved: 2026-06-28T09:26:12.051Z

Link: CVE-2026-13534

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-29T06:30:04Z

Weaknesses
  • CWE-285

    Improper Authorization

  • CWE-639

    Authorization Bypass Through User-Controlled Key