CVE-2025-53967
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-53967, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-08

Last updated on: 2025-10-08

Assigner: MITRE

Description

Framelink Figma MCP Server before 0.6.3 allows an unauthenticated remote attacker to execute arbitrary operating system commands via a crafted HTTP POST request with shell metacharacters in input that is used by a fetchWithRetry curl command. The vulnerable endpoint fails to properly sanitize user-supplied input, enabling the attacker to inject malicious commands that are executed with the privileges of the MCP process. Exploitation requires network access to the MCP interface.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-08
Last Modified
2025-10-08
Generated
2026-07-06
AI Q&A
2025-10-08
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
glips figma-context-mcp *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-420 The product protects a primary channel, but it does not use the same level of protection for an alternate channel.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in Framelink Figma MCP Server versions before 0.6.3 allows an unauthenticated remote attacker to execute arbitrary operating system commands. This is done by sending a specially crafted HTTP POST request containing shell metacharacters in input that is used by a fetchWithRetry curl command. The vulnerable endpoint does not properly sanitize user input, enabling command injection that runs with the privileges of the MCP process. Exploitation requires network access to the MCP interface.

Impact Analysis

The vulnerability can allow an attacker to execute arbitrary OS commands remotely without authentication, potentially leading to full compromise of the MCP server process. This can result in unauthorized access, data manipulation, or disruption of services depending on the privileges of the MCP process. Since the attacker can run commands with MCP process privileges, the impact on confidentiality and integrity is high.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-53967. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart