OPEN_SOURCE ↗
REDDIT · REDDIT// 18d agoSECURITY INCIDENT
LM Studio trips Windows Defender alarm
A Reddit user says Windows Defender found three hits tied to LM Studio after a full-drive scan, and commenters immediately asked for a VirusTotal check. The thread has no sample or hash, and a 2024 GitHub issue reported the same `Trojan:Win32/Cinjo.O!cl` label on LM Studio 0.3.5, so this reads more like a repeat false positive than a confirmed compromise.
// ANALYSIS
This looks more like a recurring antivirus false positive than a confirmed breach, but it still matters because local AI tools live or die on trust in their binaries.
- –LM Studio is positioned as a local/offline LLM app with an OpenAI-compatible server, so any Defender hit lands hard with developers who expect a clean desktop install.
- –A GitHub issue from October 2024 reported the exact same `Trojan:Win32/Cinjo.O!cl` detection on LM Studio 0.3.5, which makes this warning feel familiar.
- –Commenters in the Reddit thread asked for VirusTotal and the quarantined file, which is the right next step when the only evidence is a screenshot.
- –If this ever proves real, the key question is whether the detection came from the installer, an updater component, or a bundled asset the app fetched.
// TAGS
lm-studiollmself-hostedapidevtoolsafety
DISCOVERED
18d ago
2026-03-24
PUBLISHED
18d ago
2026-03-24
RELEVANCE
8/ 10
AUTHOR
mooncatx3