A vulnerability was found in CherryHQ cherry-studio up to 1.9.12. It has been classified as critical. This vulnerability affects unknown code of the component SearchService. The manipulation leads to improper isolation or compartmentalization.

This vulnerability is traded as CVE-2026-40501. It is possible to initiate the attack remotely. There is no exploit available.