High severity (CVSS 8.0) · NVD Advisory · Published Oct 8, 2025 · Updated Apr 15, 2026
CVE-2025-53967
Description
Framelink Figma MCP Server before 0.6.3 allows an unauthenticated remote attacker to execute arbitrary operating system commands via a crafted HTTP POST request with shell metacharacters in input that is used by a fetchWithRetry curl command. The vulnerable endpoint fails to properly sanitize user-supplied input, enabling the attacker to inject malicious commands that are executed with the privileges of the MCP process. Exploitation requires network access to the MCP interface.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| figma-developer-mcp | npm | < 0.6.3 | 0.6.3 |
Vulnerability mechanics
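The description above names the bug class (shell metacharacters in input that reaches a shell-executed curl command). The following is an added illustration, not code from the Figma-Context-MCP project or its fix: a string-interpolated command run through `sh` beside the no-shell `execFile` form that the fix class relies on. `echo` stands in for `curl` so it runs offline, the payload is constructed, and `runViaShell`, `runWithoutShell`, `assertHttpUrl` and `shellExecutedInjection` are hypothetical names.

```typescript
// Added illustration (not the project's code): OS command injection through a
// string-interpolated shell command, and the argv-based form that removes it.
// `echo` stands in for `curl` so the example runs offline. The function names
// are hypothetical and do not come from the Figma-Context-MCP code base.
import { execFileSync, execSync } from "node:child_process";

// Constructed attacker-controlled value: a syntactically valid http URL with a
// shell command separator and a second command appended.
const CONSTRUCTED_PAYLOAD = "http://example.invalid/; echo INJECTED";

// VULNERABLE PATTERN: untrusted input is interpolated into a command string
// that a shell parses. The `;` terminates the echo command and the shell runs
// `echo INJECTED` as a second command with the process's privileges.
function runViaShell(url: string): string {
  return execSync(`echo ${url}`, { encoding: "utf8" });
}

// HARDENED PATTERN: no shell is involved. The input is one argv element, so
// `;`, `$(...)`, backticks and friends reach the program as literal bytes.
function runWithoutShell(url: string): string {
  return execFileSync("echo", [url], { encoding: "utf8" });
}

// Defence in depth: parse the input as a URL and allowlist the scheme before
// any use. This does NOT replace avoiding the shell: the payload above is a
// valid http URL (the path is just "/;%20echo%20INJECTED") and passes here.
function assertHttpUrl(input: string): URL {
  let parsed: URL;
  try {
    parsed = new URL(input);
  } catch {
    throw new Error(`not a URL: ${input}`);
  }
  if (parsed.protocol !== "https:" && parsed.protocol !== "http:") {
    throw new Error(`disallowed scheme: ${parsed.protocol}`);
  }
  return parsed;
}

// True when the captured output contains a line produced by the injected
// second command, i.e. the shell actually executed attacker syntax.
function shellExecutedInjection(output: string): boolean {
  return output.split("\n").includes("INJECTED");
}
```

Running `runViaShell(CONSTRUCTED_PAYLOAD)` yields two lines, the URL prefix and `INJECTED`, because `sh -c` honoured the separator; `runWithoutShell` prints the whole payload as a single literal line. The same distinction applies to `curl`: passing the URL as an argv element to `execFile`/`spawn` without `shell: true` is the structural fix, and scheme or host allowlisting is a secondary control.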
References
- GitHub Security Advisory GHSA-gxw4-4fc5-9gr5 (via GHSA): https://github.com/advisories/GHSA-gxw4-4fc5-9gr5
- Fix commit (via GHSA): https://github.com/GLips/Figma-Context-MCP/commit/7f4b5859454b0567c2121ff22c69a0344680b124
- Repository advisory (via GHSA): https://github.com/GLips/Figma-Context-MCP/security/advisories/GHSA-gxw4-4fc5-9gr5
- Vulnerable source, src/utils/fetch-with-retry.ts (via NVD): https://github.com/GLips/Figma-Context-MCP/blob/96b3852669c5eed65e4a6e20406c25504d9196f2/src/utils/fetch-with-retry.ts
- Patched release v0.6.3 (via NVD): https://github.com/GLips/Figma-Context-MCP/releases/tag/v0.6.3
- Imperva write-up (via NVD): https://www.imperva.com/blog/another-critical-rce-discovered-in-a-popular-mcp-server/