CVE-2025-53967 · HIGH 8.0 · EPSS percentile 93.7%

Description

Framelink Figma MCP Server before 0.6.3 allows an unauthenticated remote attacker to execute arbitrary operating system commands via a crafted HTTP POST request with shell metacharacters in input that is used by a fetchWithRetry curl command. The vulnerable endpoint fails to properly sanitize user-supplied input, enabling the attacker to inject malicious commands that are executed with the privileges of the MCP process. Exploitation requires network access to the MCP interface.
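The bug class described above, as an added illustration that is not the Figma-Context-MCP code (the real code path is in the referenced fetch-with-retry.ts and the v0.6.3 release): a curl wrapper that concatenates caller-controlled input into one shell command string, next to a hardened version that validates the URL and hands curl an argv array so no shell ever parses the input. Function names, flags, the example host and the sample payload are assumptions made for this example.

```typescript
// Added illustration for CVE-2025-53967's bug class: a curl wrapper that builds
// one shell string from caller-controlled input, next to an argv-based version.
// This is not the Figma-Context-MCP code; names, flags and hosts are illustrative.
import { execFile } from "node:child_process";

export interface CurlRequest {
  url: string;
  headers?: Record<string, string>;
}

// Pattern A (vulnerable): everything is concatenated into a single command
// string destined for a shell (exec / sh -c). A quote in the input closes the
// quoted URL, after which ';', '|', '&', '`' and '$()' are parsed as shell syntax.
export function buildCurlShellCommand(req: CurlRequest): string {
  const headerFlags = Object.entries(req.headers ?? {})
    .map(([name, value]) => `-H "${name}: ${value}"`)
    .join(" ");
  return `curl -sSf ${headerFlags} "${req.url}"`.replace(/\s+/g, " ");
}

// Characters that change meaning once a string reaches /bin/sh.
const SHELL_META = /[;&|`$<>(){}!\\'"\r\n]/;

export function hasShellMetacharacters(input: string): boolean {
  return SHELL_META.test(input);
}

// Pattern B (hardened): parse the URL, restrict the scheme, reject CR/LF in
// headers (that would be HTTP header injection rather than shell injection),
// and emit an argv array. Each element reaches curl as exactly one argument.
export function buildCurlArgv(req: CurlRequest): string[] {
  let parsed: URL;
  try {
    parsed = new URL(req.url);
  } catch (e) {
    throw new Error(`rejected: not a valid URL: ${req.url}`);
  }
  if (parsed.protocol !== "https:") {
    throw new Error(`rejected: scheme ${parsed.protocol} not allowed`);
  }
  const argv = ["-sSf"];
  for (const [name, value] of Object.entries(req.headers ?? {})) {
    if (/[\r\n]/.test(name + value)) {
      throw new Error(`rejected: CR/LF in header ${name}`);
    }
    argv.push("-H", `${name}: ${value}`);
  }
  argv.push(parsed.toString());
  return argv;
}

// Runs curl without a shell (execFile, not exec). Not exercised offline.
export function fetchWithCurl(req: CurlRequest): Promise<string> {
  const argv = buildCurlArgv(req);
  return new Promise((resolve, reject) => {
    execFile("curl", argv, { timeout: 10000 }, (err, stdout, stderr) => {
      if (err) reject(new Error(`curl failed: ${stderr || err.message}`));
      else resolve(stdout);
    });
  });
}

// Offline demonstration with a constructed payload of the shape the advisory
// describes: shell metacharacters inside a URL and a header value.
export function demo(): { shellCommand: string; argv: string[] } {
  const crafted: CurlRequest = {
    url: 'https://api.example.com/v1/files/abc"; id #', // constructed input
    headers: { "X-Example-Token": "token; id" },       // constructed input
  };
  return {
    shellCommand: buildCurlShellCommand(crafted),
    argv: buildCurlArgv(crafted),
  };
}
```

Running `demo()` shows the contrast: the shell string comes out as `curl -sSf -H "X-Example-Token: token; id" "https://api.example.com/v1/files/abc"; id #"`, where `id` would execute as a second command under `sh -c`, while the argv version keeps `X-Example-Token: token; id` and the URL as single arguments that curl receives verbatim. Rejecting non-https schemes also stops `file:` and other protocol switches that curl would otherwise honour.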

Scoring

CVSS 3.1: 8.0 (HIGH)
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
EPSS: 7.42% probability of exploitation · percentile 93.7% · scored 2026-06-19T12:03:05Z
Published: 2025-10-08
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-420

References

  1. https://github.com/GLips/Figma-Context-MCP/blob/96b3852669c5eed65e4a6e20406c25504d9196f2/src/utils/fetch-with-retry.ts#L34
  2. https://github.com/GLips/Figma-Context-MCP/releases/tag/v0.6.3
  3. https://www.imperva.com/blog/another-critical-rce-discovered-in-a-popular-mcp-server/

Type      Target                                    Confidence  Tier
Weakness  Unprotected Alternate Channel (CWE-420)   0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  - CVE-2025-15061
  - CVE-2025-6514
  - CVE-2025-61492
  - CVE-2025-65719
  - CVE-2025-56803
  - CVE-2025-5277
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.