Severe Framelink Figma MCP Vulnerability Lets Hackers Execute Code Remotely

Posted on October 8, 2025 • 1 min read • 60 words

Share via

Link copied to clipboard

Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol (MCP) server that could allow attackers to achieve code execution. The vulnerability, tracked as CVE-2025-53967 (CVSS score 7.5), is a command injection bug stemming from the unsanitized use of user input, opening the door to

Severe Framelink Figma MCP Vulnerability Lets Hackers Execute Code Remotely

Read on Hackernews

Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol (MCP) server that could allow attackers to achieve code execution. The vulnerability, tracked as CVE-2025-53967 (CVSS score: 7.5), is a command injection bug stemming from the unsanitized use of user input, opening the door to a scenario where an attacker can

LockBit Qilin and DragonForce Join Forces to Dominate the Ransomware Ecosystem

No Time to Waste Embedding AI to Cut Noise and Reduce Risk

Everything coding, technology, and digital Life