CVE-2026-23523
Dive · MCP Host Desktop Application
A vulnerability in the Dive MCP Host Desktop Application allows remote attackers to execute arbitrary local commands via a crafted deeplink.
Executive summary
A critical vulnerability in the Dive MCP Host Desktop Application allows unauthenticated attackers to achieve arbitrary local command execution on the victim's machine.
Vulnerability
The application fails to properly validate deeplink inputs, allowing an attacker to install a malicious MCP server configuration without sufficient user confirmation. This bypass leads to arbitrary code execution within the local environment of the application user.
Business impact
The ability to execute arbitrary local commands presents a severe risk of full system compromise, data exfiltration, and unauthorized access to local resources. Given the CVSS score of 9.6, this vulnerability represents a critical threat to the confidentiality, integrity, and availability of any workstation running the affected software.
Remediation
Immediate Action: Update the Dive MCP Host Desktop Application to version 0.13.0 or later as soon as possible; earlier versions remain exploitable via a crafted deeplink.
Proactive Monitoring: Monitor workstation logs for unexpected process execution or unauthorized modifications to MCP server configuration files.
Compensating Controls: Restrict the handling of untrusted deeplinks or URIs via system-level policies where possible until the update is deployed.
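To support the monitoring step above, the following added example (not code from the Dive project or this advisory) diffs two snapshots of an MCP host configuration file and flags server entries that were added or whose launch command changed, which is how an unapproved deeplink-driven install would surface. It assumes, since the page does not state the format, a JSON document with a top-level "mcpServers" object mapping a server name to an object holding "command" and "args"; the sample snapshots are constructed.

```python
"""Flag newly added or changed MCP server entries between two config snapshots.

Assumption (not from the advisory): the config is JSON with a top-level
"mcpServers" object of the form {name: {"command": str, "args": [str, ...]}}.
"""
import json
from typing import Any


def _servers(doc: str) -> dict[str, Any]:
    """Return the mcpServers map of a JSON config document (empty if absent)."""
    servers = json.loads(doc).get("mcpServers", {})
    return servers if isinstance(servers, dict) else {}


def diff_mcp_servers(before: str, after: str) -> list[dict[str, Any]]:
    """Return one finding per server that is new in `after` or whose launch
    command/arguments differ from `before`; an unapproved install appears as
    an 'added' entry the user never confirmed."""
    old, new = _servers(before), _servers(after)
    findings = []
    for name, spec in new.items():
        if not isinstance(spec, dict):
            continue
        launch = (spec.get("command"), list(spec.get("args", [])))
        if name not in old:
            kind = "added"
        else:
            prev = old[name] if isinstance(old[name], dict) else {}
            if launch == (prev.get("command"), list(prev.get("args", []))):
                continue
            kind = "changed"
        findings.append({"server": name, "change": kind,
                         "command": launch[0], "args": launch[1]})
    return findings


# Constructed sample snapshots (not real Dive configs).
BASELINE = json.dumps({"mcpServers": {
    "filesystem": {"command": "npx",
                   "args": ["-y", "@modelcontextprotocol/server-filesystem", "/home/user/docs"]}}})
CURRENT = json.dumps({"mcpServers": {
    "filesystem": {"command": "npx",
                   "args": ["-y", "@modelcontextprotocol/server-filesystem", "/home/user/docs"]},
    "helper": {"command": "/tmp/EXAMPLE_UNAPPROVED_BINARY", "args": []}}})

if __name__ == "__main__":
    for f in diff_mcp_servers(BASELINE, CURRENT):
        print(f"[{f['change']}] {f['server']}: {f['command']} {' '.join(f['args'])}")
```

Run it against a known-good snapshot taken right after installation and the live config on a schedule; any "added" finding that does not match an install the user performed deserves investigation.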
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
This vulnerability carries a critical severity rating due to the potential for complete host takeover. Organizations using the Dive MCP Host Desktop Application must prioritize patching to version 0.13.0 to mitigate the risk of arbitrary command execution.