2 matches found
CVE-2026-23523
Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. Prior to 0.13.0, crafted deeplink can install an attacker-controlled MCP server configuration without sufficient user confirmation and can lead to arbitrary local command execution on the...
PT-2025-35657
Name of the Vulnerable Software and Affected Versions Dive versions 0.9.0 through 0.9.3 Description Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. Versions 0.9.0 through 0.9.3 contain a Remote Code Execution RCE vulnerability triggered by ...