CVE-2025-53967
CVE-2025-53967
8.0
HighPublished:
Last updated:
Source:cve@mitre.org
Deferred
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Adjacent
- Attack Complexity
- High
- Privileges Required
- None
- User Interaction
- None
- Scope
- Changed
- Confidentiality
- High
- Integrity
- High
- Availability
- None
Description
Framelink Figma MCP Server before 0.6.3 allows an unauthenticated remote attacker to execute arbitrary operating system commands via a crafted HTTP POST request with shell metacharacters in input that is used by a fetchWithRetry curl command. The vulnerable endpoint fails to properly sanitize user-supplied input, enabling the attacker to inject malicious commands that are executed with the privileges of the MCP process. Exploitation requires network access to the MCP interface.