CVE-2025-58176
Last modified
CVE-2025-58176 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. In versions 0.9.0 through 0.9.3, there is a one-click Remote Code Execution vulnerability triggered through a custom url value, `transport` in the JSON object. EPSS estimates a 7.70% chance of exploitation in the next 30 days.
Description
Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. In versions 0.9.0 through 0.9.3, there is a one-click Remote Code Execution vulnerability triggered through a custom url value, `transport` in the JSON object. An attacker can exploit the vulnerability in the following two scenarios: a victim visits a malicious website controlled by the attacker and the website redirect to the URL automatically, or a victim clicks on such a crafted link embedded on a legitimate website (e.g., in user-generated content). In both cases, the browser invokes Dive's custom URL handler (dive:), which launches the Dive app and processes the crafted URL, leading to arbitrary code execution on the victim’s machine. This vulnerability is caused by improper processing of custom url. This is fixed in version 0.9.4.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Openagentplatform | Dive | >= 0.9.0, < 0.9.4 |
References
- https://github.com/OpenAgentPlatform/Dive/security/advisories/GHSA-2r34-7pgx-vvrcExploit, Vendor Advisory
- https://github.com/OpenAgentPlatform/Dive/security/advisories/GHSA-2r34-7pgx-vvrcExploit, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-58176?
How severe is CVE-2025-58176?
How do I fix CVE-2025-58176?
Are you affected by CVE-2025-58176?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST