CVE-2025-53967
Framelink Figma MCP Server before 0.6.3 allows an unauthenticated remote attacker to execute arbitrary operating system commands via a crafted HTTP POST request with shell metacharacters in input that is used by a fetchWithRetry curl command. The vulnerable endpoint fails to properly sanitize...
Severe Framelink Figma MCP Vulnerability Lets Hackers Execute Code Remotely
Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol (MCP) server that could allow attackers to achieve code execution. The vulnerability, tracked as CVE-2025-53967 (CVSS score: 7.5), is a command injection bug...
CVE-2025-53967
CVE-2025-53967 affects Framelink Figma MCP Server prior to 0.6.3. The vulnerability is a command injection in the MCP server’s input handling, where user-controlled data is interpolated into shell commands (via a curl fallback in fetch-with-retry), enabling an unauthenticated remote attacker to e...
Framelink Figma MCP Server Security Vulnerability
Framelink Figma MCP Server is an MCP server from the individual developer Graham Lipsman. A security vulnerability exists in Framelink Figma MCP Server versions prior to 0.6.3 that stems from not properly cleaning up user input and could lead to the execution of arbitrary operating system command...
EUVD-2025-31753
Framelink Figma MCP Server before 0.6.3 allows an unauthenticated remote attacker to execute arbitrary operating system commands via a crafted HTTP POST request with shell metacharacters in input that is used by a fetchWithRetry curl command. The vulnerable endpoint fails to properly sanitize...
Another Critical RCE Discovered in a Popular MCP Server
Artificial Intelligence development is moving faster than secure coding practices, and attackers are taking notice. Imperva Threat Research recently uncovered and disclosed a critical Remote Code Execution (RCE) vulnerability (CVE-2025-53967) in the Framelink Figma MCP Server. This is just one exampl...
EUVD-2025-26625
Malicious code in bioql PyPI...
Arbitrary Command Injection
Overview figma-developer-mcp is a package that gives your coding agent access to your Figma data, so it can implement designs in any framework in one shot. Affected versions of this package are vulnerable to Arbitrary Command Injection via the child_process.exec call using unvalidated user input directly within...
figma-developer-mcp vulnerable to command injection in get_figma_data tool
Summary A command injection vulnerability exists in the figma-developer-mcp MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote...
GHSA-GXW4-4FC5-9GR5 figma-developer-mcp vulnerable to command injection in get_figma_data tool
Summary A command injection vulnerability exists in the figma-developer-mcp MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote...
PT-2025-40054
Name of the Vulnerable Software and Affected Versions: Framelink Figma MCP Server versions prior to 0.6.3; figma-developer-mcp versions prior to 0.6.3. Description: A command injection flaw exists in the Framelink Figma MCP Server, allowing an unauthenticated remote attacker to execute arbitrary...
PT-2025-40046
Summary A command injection vulnerability exists in the figma-developer-mcp MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote...
CVE-2025-53967
| creation timestamp | type | source |
|---|---|---|
| 2025-09-29 17:54:15+00:00 | published-proof-of-concept | https://github.com/GLips/Figma-Context-MCP/security/advisories/GHSA-gxw4-4fc5-9gr5 |
| 2025-10-08 08:58:00+00:00 | seen | https://thehackernews.com/2025/10/severe-figma-mcp-vulnerability-lets.html ... |
CryptoGuard: an AI-Based Cryptojacking Detection Dashboard Prototype
With the widespread adoption of cryptocurrencies, cryptojacking has become a significant security threat to crypto wallet users. This paper presents a front-end prototype of an AI-powered security dashboard, namely, CryptoGuard. Developed through a user-centered design process, the prototype was...
CVE-2025-56803
Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local plugin loader. An attacker can execute arbitrary OS commands by setting a crafted build field in the plugin's manifest.json. This field is passed to child_process.exec without validation, leading to...