10 matches found
๐ Figma Desktop Application 125.6.5 Remote Code Execution
Figma Desktop Application version 125.6.5 proof of concept remote code execution exploit that leverages the plugin manifest. ============================================================================================================================================= | Title : Figma Desktop...
EUVD-2025-26625
Malicious code in bioql PyPI...
CVE-2025-56803
Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local plugin loader. An attacker can execute arbitrary OS commands by setting a crafted build field in the plugin's manifest.json. This field is passed to childprocess.exec without validation, leading to...
CVE-2025-56803
Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local plugin loader. An attacker can execute arbitrary OS commands by setting a crafted build field in the plugin's manifest.json. This field is passed to childprocess.exec without validation, leading to...
CVE-2025-56803
Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local plugin loader. An attacker can execute arbitrary OS commands by setting a crafted build field in the plugin's manifest.json. This field is passed to childprocess.exec without validation, leading to...
CVE-2025-56803
CVE-2025-56803 affects Figma Desktop for Windows v125.6.5. The vulnerability is a command injection in the local plugin loader: if a plugin manifest.json includes a string in the build field, it is passed to Node.js child_process.exec without validation, enabling arbitrary OS command execution wh...
Figma Desktop ๅฎๅ จๆผๆด
Figma Desktop is a vector graphics editor and prototyping tool from Figma. A security vulnerability exists in Figma Desktop version 125.6.5, which stems from a command injection vulnerability in the local plugin loader that could lead to remote code execution...
PT-2025-35802
Name of the Vulnerable Software and Affected Versions: Figma Desktop versions 125.6.5 Description: Figma Desktop for Windows version 125.6.5 contains a command injection issue in the local plugin loader. An attacker can execute arbitrary OS commands by setting a crafted build field in the plugin'...
CVE-2025-56803
Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local plugin loader. An attacker can execute arbitrary OS commands by setting a crafted build field in the plugin's manifest.json. This field is passed to childprocess.exec without validation, leading to...
Exploit for CVE-2025-56803
CVE-2025-56803 Command Injection Vulnerability via Plugin...