Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/12/09 8:27 a.m.7 views

CVE-2025-66553

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.7 and 0.9.4, authenticated users were able to view meta data of columns in other tables of the Tables app by modifying the numeric ID in a request. This vulnerability is fixed in 0.8.7 and 0.9.4...

4.3CVSS6.5AI score0.0024EPSS
Exploits0References1
NVD
NVD
added 2025/09/03 4:16 a.m.7 views

CVE-2025-58176

Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. In versions 0.9.0 through 0.9.3, there is a one-click Remote Code Execution vulnerability triggered through a custom url value, transport in the JSON object. An attacker can exploit the...

8.8CVSS0.07702EPSS
Exploits1References2
CVE
CVE
added 2025/09/03 3:52 a.m.23 views

CVE-2025-58176

CVE-2025-58176 affects Dive (open-source MCP Host Desktop Application). Vulnerable versions: 0.9.0–0.9.3. A one-click Remote Code Execution vulnerability arises from improper handling of a custom URL value, transport, within a JSON object. An attacker can trigger code execution when a victim visi...

8.8CVSS7.6AI score0.07702EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/03 3:52 a.m.2 views

CVE-2025-58176 Dive's improper processing of custom urls can lead to Remote Code Execution

Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. In versions 0.9.0 through 0.9.3, there is a one-click Remote Code Execution vulnerability triggered through a custom url value, transport in the JSON object. An attacker can exploit the...

8.8CVSS7.6AI score0.07702EPSS
Exploits1References2
OSV
OSV
added 2025/09/03 3:52 a.m.5 views

CVE-2025-58176 Dive's improper processing of custom urls can lead to Remote Code Execution

Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. In versions 0.9.0 through 0.9.3, there is a one-click Remote Code Execution vulnerability triggered through a custom url value, transport in the JSON object. An attacker can exploit the...

8.8CVSS8AI score0.07702EPSS
Exploits1References4
Rows per page
Query Builder