CRITICAL · CVE-2026-23523 · CVSS 9.7

CVE-2026-23523: RCE in Dive MCP Host Desktop Application

Platform: other

Component: dive

Fixed in: 0.13.1

AI Confidence: high · NVD · EPSS 0.0% · Reviewed: May 2026

CVE-2026-23523 describes a Remote Code Execution (RCE) vulnerability discovered in Dive, an open-source MCP Host Desktop Application. This flaw allows an attacker to install a malicious MCP server configuration via a crafted deeplink, ultimately leading to arbitrary local command execution on the victim's machine. The vulnerability impacts versions of Dive prior to 0.13.0, and a fix is available in version 0.13.0.

Impact and Attack Scenarios

The impact of CVE-2026-23523 is severe. An attacker can exploit this vulnerability to gain complete control over a victim's machine by executing arbitrary commands. This could involve installing malware, stealing sensitive data, or pivoting to other systems on the network. The attack vector, a crafted deeplink, makes this vulnerability particularly concerning as it can be delivered through various channels, such as email or malicious websites, potentially affecting a wide range of users. The ability to install a malicious MCP server configuration without sufficient user confirmation significantly lowers the barrier to exploitation.

Exploitation Context

CVE-2026-23523 was publicly disclosed on 2026-01-16. The vulnerability's ease of exploitation, combined with the potential for widespread impact, warrants careful attention. No public proof-of-concept (POC) code has been released at the time of this writing, but the vulnerability's nature suggests that a POC is likely to emerge. It is not currently listed on the CISA KEV catalog.

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: NO
Internet Exposure: High

EPSS

0.03% (8% percentile)

CISA SSVC

Exploitation: poc
Automatable: no
Technical Impact: total

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H (CVSS v3.1 Base Score: 9.7, CRITICAL)

Attack Vector (how the attacker reaches the target): Network. Remotely exploitable over the internet. No physical or local access required. Widest attack surface.

Attack Complexity (conditions required to exploit): Low. No special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.

Privileges Required (authentication level needed to attack): None. Unauthenticated. No login or credentials needed to exploit.

User Interaction (whether a victim must take action): Required. Victim must take an action: open a file, click a link, or visit a crafted page.

Scope (impact beyond the vulnerable component): Changed. Successful attack can pivot beyond the vulnerable component to other systems or the host OS.

Confidentiality (risk of sensitive data exposure): High. Complete confidentiality loss. Attacker can read all data: credentials, keys, personal data.

Integrity (risk of unauthorized data modification): High. Attacker can write, modify, or delete any data: databases, config files, or code.

Availability (risk of service disruption): High. Complete crash or resource exhaustion. Full denial of service.

Affected Software

Component: dive
Vendor: OpenAgentPlatform
Affected range: < 0.13.0 – < 0.13.0
Fixed in: 0.13.1

Mitigation and Workarounds

The primary mitigation for CVE-2026-23523 is to immediately upgrade Dive to version 0.13.0 or later. If upgrading is not immediately feasible, consider implementing stricter input validation on deeplinks to prevent the installation of unauthorized MCP server configurations. While a direct workaround is not available, carefully scrutinizing any deeplinks received from untrusted sources is crucial. After upgrading, verify the installation by launching Dive and confirming that no unexpected processes are running and no unexpected network connections are established.
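The deeplink validation and user-confirmation step described above, sketched as an added example (this is not Dive's code): a handler that stages a deeplink-delivered MCP server configuration for explicit approval instead of installing it. The `examplehost://` scheme, the base64 `config` parameter, the `name`/`command`/`args` layout and all function names are assumptions made for illustration.

```javascript
// Added example: hypothetical deeplink handler, not Dive's implementation.
// Assumed link shape:   examplehost://mcp/install?config=<base64 JSON>
// Assumed config shape: { "name": "...", "command": "...", "args": ["..."] }
const MAX_CONFIG_CHARS = 4096;

// Parse an untrusted deeplink into a *pending* request. Nothing is stored or run here.
function stageMcpInstall(deeplink) {
  let url;
  try {
    url = new URL(deeplink);
  } catch {
    return { ok: false, reason: "not a valid URL" };
  }
  if (url.protocol !== "examplehost:" || url.host !== "mcp" || url.pathname !== "/install") {
    return { ok: false, reason: "unsupported deeplink" };
  }
  const raw = url.searchParams.get("config") || "";
  if (raw.length === 0 || raw.length > MAX_CONFIG_CHARS) {
    return { ok: false, reason: "missing or oversized config" };
  }
  let cfg;
  try {
    cfg = JSON.parse(Buffer.from(raw, "base64").toString("utf8"));
  } catch {
    return { ok: false, reason: "config is not valid JSON" };
  }
  if (cfg === null || typeof cfg !== "object" || Array.isArray(cfg)) {
    return { ok: false, reason: "config has unexpected shape" };
  }
  const { name, command, args = [] } = cfg;
  if (typeof name !== "string" || typeof command !== "string" ||
      !Array.isArray(args) || !args.every((a) => typeof a === "string")) {
    return { ok: false, reason: "config has unexpected shape" };
  }
  // Text for the confirmation dialog: JSON.stringify quotes each argument and
  // escapes control characters such as newlines, so the full command stays visible.
  const display = [command, ...args].map((s) => JSON.stringify(s)).join(" ");
  return { ok: true, pending: { name, command, args, source: "deeplink", display } };
}

// Install only on an explicit approval of this request; the default is deny.
// A deeplink may never replace a server entry that is already configured.
function confirmInstall(staged, userApproved, installedServers) {
  if (!staged.ok || userApproved !== true) return false;
  const { name, command, args } = staged.pending;
  if (installedServers.has(name)) return false;
  installedServers.set(name, { command, args, source: "deeplink" });
  return true;
}
```
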

How to fix

Update Dive to version 0.13.0 or later. This version corrects the vulnerability that allows remote code execution through manipulated deep links. The update will prevent an attacker from installing an attacker-controlled MCP server configuration on your machine.

Frequently asked questions

What is CVE-2026-23523 — Remote Code Execution in Dive?

CVE-2026-23523 is a critical RCE vulnerability in Dive versions prior to 0.13.0. A crafted deeplink can lead to arbitrary local command execution on a victim's machine.

Am I affected by CVE-2026-23523 in Dive?

Yes, if you are using Dive version 0.13.0 or earlier, you are vulnerable to this RCE vulnerability.

How do I fix CVE-2026-23523 in Dive?

Upgrade Dive to version 0.13.0 or later to remediate the vulnerability. If immediate upgrade is not possible, carefully scrutinize deeplinks from untrusted sources.

Is CVE-2026-23523 being actively exploited?

While no active exploitation has been confirmed, the vulnerability's ease of exploitation suggests it may be targeted in the future.

Where can I find the official Dive advisory for CVE-2026-23523?

Refer to the Dive project's official website and GitHub repository for the latest security advisories and updates.
