Security Advisory

CVE-2025-53967

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-08 00:00:00
Last updated 2025-10-08 17:18:20
Assigner mitre
State PUBLISHED

Description

Framelink Figma MCP Server before 0.6.3 allows an unauthenticated remote attacker to execute arbitrary operating system commands via a crafted HTTP POST request with shell metacharacters in input that is used by a fetchWithRetry curl command. The vulnerable endpoint fails to properly sanitize user-supplied input, enabling the attacker to inject malicious commands that are executed with the privileges of the MCP process. Exploitation requires network access to the MCP interface.