All 3 CVE vulnerabilities found in Dive, with AI-generated Chinese analysis, references, and POCs.
Vendor: OpenAgentPlatform
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-23523 | Dive allows One-click Remote Code Execution through Deep Links for MCP Install CWE-94 | 9.7 | Critical | 2026-01-16 |
| CVE-2025-66580 | Dive has Cross-Site Scripting vulnerability that can escalate to Remote Code Execution CWE-94 | 9.7 | Critical | 2025-12-19 |
| CVE-2025-58176 | Dive's improper processing of custom urls can lead to Remote Code Execution CWE-94 | 8.8 | High | 2025-09-03 |
All 3 known CVE vulnerabilities affecting Dive with full Chinese analysis, references, and POCs where available.