CVE-2025-58176
📋 TL;DR
CVE-2025-58176 is a one-click remote code execution vulnerability in Dive MCP Host Desktop Application versions 0.9.0 through 0.9.3. Attackers can exploit this by tricking victims into clicking malicious links or visiting compromised websites, which triggers Dive's custom URL handler and executes arbitrary code on the victim's machine. All users running vulnerable versions of Dive are affected.
💻 Affected Systems
- Dive MCP Host Desktop Application, versions 0.9.0 through 0.9.3 (fixed in 0.9.4)
📦 What is this software?
Dive by OpenAgentPlatform: an open-source desktop host application for MCP (Model Context Protocol) servers. It registers a custom dive: URL scheme so that links on web pages can launch and drive the application, which is the entry point for this vulnerability.
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise with attacker gaining complete control over the victim's machine, potentially leading to data theft, ransomware deployment, or lateral movement within the network.
Likely Case
Attacker executes arbitrary code with the privileges of the Dive application user, potentially installing malware, stealing credentials, or accessing sensitive files.
If Mitigated
If proper controls are in place, the impact is limited to the user context running Dive, but still represents significant risk to user data and system integrity.
🎯 Exploit Status
Exploitation requires user interaction (clicking a link or visiting a malicious website), but the technical complexity is low once the user action is triggered.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 0.9.4
Vendor Advisory: https://github.com/OpenAgentPlatform/Dive/security/advisories/GHSA-2r34-7pgx-vvrc
Restart Required: Yes
Instructions:
1. Download Dive version 0.9.4 or later from the official repository.
2. Uninstall the vulnerable version.
3. Install the patched version.
4. Restart the application.
🔧 Temporary Workarounds
Disable Dive URL Handler
Remove or disable the dive: URL protocol handler registration so that a malicious link cannot launch the application automatically.
Windows: reg delete "HKCU\Software\Classes\dive" /f (a per-machine install may register the scheme under HKLM\Software\Classes\dive instead; check both hives)
macOS: the dive: scheme is registered by LaunchServices from the app bundle's Info.plist, so `defaults delete com.openagentplatform.dive` only clears the app's preferences and does not remove the handler. Unregister the bundle with /System/Library/Frameworks/CoreServices.framework/Frameworks/LaunchServices.framework/Support/lsregister -u /Applications/Dive.app (bundle path assumed; adjust to where Dive is installed), or remove the app bundle.
Linux: remove the dive.desktop file from ~/.local/share/applications/ (and any copy under /usr/share/applications/), run update-desktop-database ~/.local/share/applications, then confirm with `xdg-mime query default x-scheme-handler/dive` that no handler is returned.
Browser URL Handler Blocking
Configure browsers to block, or at least prompt before, launching the external dive: handler. Note that this only protects browsers you configure; any other application that opens URLs can still trigger the handler.
Firefox: about:config -> create the boolean pref network.protocol-handler.external.dive and set it to false
Chrome/Edge: chrome://settings/handlers only lists handlers that web pages registered via registerProtocolHandler and cannot block an external scheme. Use the URLBlocklist enterprise policy with the entry dive:* to block navigation to the scheme, and do not tick "Always allow" on the external-protocol prompt.
🧯 If You Can't Patch
- Uninstall Dive completely until patching is possible.
- Use application whitelisting to block Dive execution entirely.
🔍 How to Verify
Check if Vulnerable:
Any install reporting version 0.9.0, 0.9.1, 0.9.2 or 0.9.3 is vulnerable. Check the version in the application's settings/About dialog or via command line: dive --version
Verify Fix Applied:
Confirm the version is 0.9.4 or higher: dive --version
📡 Detection & Monitoring
Log Indicators:
- Process creation events for Dive whose command line carries a dive: URL (a "transport" argument is the indicator noted for this issue)
- Dive started with a web browser as the parent process (Windows and Linux). On macOS the browser hands the URL to LaunchServices, so the parent is usually launchd rather than the browser and the command line is the only reliable indicator.
Network Indicators:
- HTTP requests to untrusted or newly seen domains immediately followed by a dive: protocol handler launch on the same host
SIEM Query (pseudo-syntax; adapt field names to your platform):
(process_name:"Dive.exe" OR process_name:"Dive") AND (command_line:"*dive:*" OR command_line:"*transport*" OR parent_process_name:("chrome.exe" OR "msedge.exe" OR "firefox.exe" OR "brave.exe"))
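The detection logic above, run over a few constructed process-creation records, as an added example (this is not code from the Dive project or from the advisory). It assumes a simplified Sysmon Event ID 1 style record with the fields Image, CommandLine, ParentImage and ProcessId; the install paths, the dive://example?transport=stdio URL and the event records are all constructed for illustration. It also shows the macOS caveat: the handler launch there has launchd as parent, so only the command-line match fires.

```python
"""Added example, not part of the Dive project or the advisory page.

Flags process-start events in which the Dive desktop app was launched through
its dive: URL handler. Field names (Image, CommandLine, ParentImage,
ProcessId) are an assumed, simplified Sysmon Event ID 1 layout.
"""
import json
import re
from typing import Iterable, Optional

# Browser image names (basename, lower-case) that hand custom-scheme URLs to
# the registered desktop app.
BROWSER_PARENTS = {
    "chrome.exe", "msedge.exe", "firefox.exe", "brave.exe", "opera.exe",
    "google chrome", "firefox", "safari",
}

# Dive image basenames as seen on Windows and on macOS/Linux.
DIVE_IMAGES = {"dive.exe", "dive"}

# A dive: URL on the command line; stops at whitespace or a quote so the
# captured URL does not include a closing quote character.
DIVE_URL_RE = re.compile(r"dive:[^\s\"']*", re.IGNORECASE)


def basename(path: str) -> str:
    """Last path component, lower-cased, for either slash convention."""
    return re.split(r"[\\/]", path)[-1].lower()


def classify(event: dict) -> Optional[str]:
    """Return a finding label for one process-start event, or None."""
    if basename(event.get("Image", "")) not in DIVE_IMAGES:
        return None
    cmd = event.get("CommandLine", "")
    parent = basename(event.get("ParentImage", ""))
    url = DIVE_URL_RE.search(cmd)
    if url and parent in BROWSER_PARENTS:
        return "browser-launched-dive-url"      # the one-click path
    if url:
        return "dive-url-handler-invocation"    # handler fired via launchd etc.
    if "transport" in cmd.lower():
        return "suspicious-argument"            # page's argument indicator
    return None


def scan(lines: Iterable[str]) -> list:
    """Run classify() over JSON-lines event records; return the findings."""
    findings = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        label = classify(ev)
        if label is None:
            continue
        url = DIVE_URL_RE.search(ev.get("CommandLine", ""))
        findings.append({
            "label": label,
            "pid": ev.get("ProcessId"),
            "parent": basename(ev.get("ParentImage", "")),
            "url": url.group(0) if url else None,
        })
    return findings


# Constructed sample events (paths and URL are illustrative, not real data).
SAMPLE_EVENTS = "\n".join([
    json.dumps({"ProcessId": 4120,
                "Image": r"C:\Users\alice\AppData\Local\Programs\Dive\Dive.exe",
                "CommandLine": r'"C:\Users\alice\AppData\Local\Programs\Dive\Dive.exe" "dive://example?transport=stdio"',
                "ParentImage": r"C:\Program Files\Google\Chrome\Application\chrome.exe"}),
    json.dumps({"ProcessId": 4188,   # normal launch from the Start menu
                "Image": r"C:\Users\alice\AppData\Local\Programs\Dive\Dive.exe",
                "CommandLine": r'"C:\Users\alice\AppData\Local\Programs\Dive\Dive.exe"',
                "ParentImage": r"C:\Windows\explorer.exe"}),
    json.dumps({"ProcessId": 5310,   # macOS: LaunchServices starts the app, parent is launchd
                "Image": "/Applications/Dive.app/Contents/MacOS/Dive",
                "CommandLine": "/Applications/Dive.app/Contents/MacOS/Dive dive://example?transport=stdio",
                "ParentImage": "/sbin/launchd"}),
    json.dumps({"ProcessId": 6001,   # unrelated process, must not match
                "Image": r"C:\Windows\System32\notepad.exe",
                "CommandLine": "notepad.exe",
                "ParentImage": r"C:\Windows\explorer.exe"}),
])


if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS.splitlines()):
        print(finding)
```

Feed it real Sysmon or EDR exports converted to JSON lines; the browser-parent rule is the high-confidence signal on Windows and Linux, while the command-line rule is what you rely on for macOS hosts.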