Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2026/01/23 4:16 a.m.2 views

CVE-2025-15061

Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Framelink Figma MCP Server. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS6.4AI score
Exploits0References2
NVD
NVDadded 2026/01/23 4:16 a.m.6 views

CVE-2025-15061

Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Framelink Figma MCP Server. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS0.00405EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/01/23 3:20 a.m.24 views

CVE-2025-15061 Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability

Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Framelink Figma MCP Server. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS0.00405EPSS
Exploits0References2
CVE
CVEadded 2026/01/23 3:20 a.m.9 views

CVE-2025-15061

CVE-2025-15061 affects Framelink Figma MCP Server. The flaw is in the fetchWithRetry method, where a user-supplied string is not properly validated before being used in a system call, enabling remote command execution with the service account’s privileges. Attack requires network access and no au...

9.8CVSS6.5AI score0.00405EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/01/23 3:20 a.m.2 views

CVE-2025-15061 Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability

Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Framelink Figma MCP Server. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS6.5AI score0.00405EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/01/23 3:20 a.m.1 views

CVE-2025-15061

Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Framelink Figma MCP Server. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS6.3AI score0.00405EPSS
Exploits0References3
Rows per page
Query Builder