CVE-2025-58176HIGH 8.8EPSS p93.8%

CVE-2025-58176CVE-2025-58176

Description

Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. In versions 0.9.0 through 0.9.3, there is a one-click Remote Code Execution vulnerability triggered through a custom url value, `transport` in the JSON object. An attacker can exploit the vulnerability in the following two scenarios: a victim visits a malicious website controlled by the attacker and the website redirect to the URL automatically, or a victim clicks on such a crafted link embedded on a legitimate website (e.g., in user-generated content). In both cases, the browser invokes Dive's custom URL handler (dive:), which launches the Dive app and processes the crafted URL, leading to arbitrary code execution on the victim’s machine. This vulnerability is caused by improper processing of custom url. This is fixed in version 0.9.4.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS7.70% probability of exploitation · percentile 93.8% · 2026-06-18T12:00:27Z
Published2025-09-03
Last modified2025-09-11

Underlying weaknesses· 1

CWE-94

References

  1. https://github.com/OpenAgentPlatform/Dive/commit/acae6d40354d380f69f8241e9122a43ff64cff11
  2. https://github.com/OpenAgentPlatform/Dive/security/advisories/GHSA-2r34-7pgx-vvrc
  3. https://github.com/OpenAgentPlatform/Dive/security/advisories/GHSA-2r34-7pgx-vvrc

1

TypeTargetConfidenceTier
WeaknessImproper Control of Generation of Code ('Code Injection')cwe-940%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-23523
CVE
CVE-2025-66580
CVE
CVE-2025-55733
CVE
CVE-2025-67744
CVE
CVE-2026-43899
CVE
CVE-2025-66222
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.