CVE-2025-66580
Unknown Unknown - Not Provided
Stored XSS in Dive Mermaid Component Enables Remote Code Execution

Publication date: 2025-12-19

Last updated on: 2025-12-19

Assigner: GitHub, Inc.

Description
Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. A critical Stored Cross-Site Scripting (XSS) vulnerability exists in versions prior to 0.11.1 in the Mermaid diagram rendering component. The application allows the execution of arbitrary JavaScript via `javascript:`. An attacker can exploit this to inject a malicious Model Context Protocol (MCP) server configuration, leading to Remote Code Execution (RCE) on the victim's machine when the node is clicked. Version 0.11.1 fixes the issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-19
Last Modified
2025-12-19
Generated
2026-06-16
AI Q&A
2025-12-19
EPSS Evaluated
2026-06-15
NVD
CVE-2025-66580
EUVD
EUVD-2025-204564
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openagentplatform dive 0.11.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-66580 is a critical Stored Cross-Site Scripting (XSS) vulnerability in the Dive application, specifically in the Mermaid diagram rendering component. The vulnerability arises because the Mermaid library is configured insecurely with `securityLevel: 'loose'`, allowing `javascript:` URIs in diagram nodes. An attacker can craft a malicious Mermaid graph that injects JavaScript code. When a user clicks on a malicious node, this JavaScript executes and sends a POST request to the backend API to overwrite the Model Context Protocol (MCP) server configuration with a malicious command. This leads to Remote Code Execution (RCE) on the victim's machine. The issue affects versions prior to 0.11.1, which fixes the vulnerability. [1]

Impact Analysis

This vulnerability can have severe impacts including Remote Code Execution (RCE) on the victim's machine, allowing an attacker to execute arbitrary commands such as launching applications or modifying system configurations. It can lead to complete compromise of confidentiality, integrity, and availability of the affected system, enabling data theft, unauthorized data modification, and service disruption. [1]

Detection Guidance

This vulnerability can be detected by identifying if your system is running Dive versions prior to 0.11.1 and checking for the presence of malicious Mermaid diagrams that include `javascript:` URIs in their `click` event handlers. You can monitor network traffic for POST requests to the backend endpoint `/api/config/mcpserver` that attempt to overwrite MCP server configurations with suspicious payloads. For detection, you might use network monitoring tools or commands such as `tcpdump` or `Wireshark` to filter for POST requests to `/api/config/mcpserver`. Additionally, scanning your Dive application files for Mermaid diagrams with `securityLevel: 'loose'` or `click` events containing `javascript:` URIs can help identify vulnerable configurations. [1]

Mitigation Strategies

The immediate mitigation step is to upgrade the Dive application to version 0.11.1 or later, where this vulnerability is fixed. Avoid using Mermaid diagrams with `securityLevel: 'loose'` and disable or sanitize any `javascript:` URIs in Mermaid graph `click` events. Additionally, restrict or monitor POST requests to `/api/config/mcpserver` to prevent unauthorized configuration changes. Applying these steps will prevent exploitation of the Stored XSS and subsequent Remote Code Execution. [1]

Compliance Impact

The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-66580. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart