Remote Command Execution Vulnerability in Framelink Figma MCP Server
CVE-2025-53967

8 HIGH

Key Information:

Vendor: Framelink

CVE Published: 8 October 2025

Badges

📈 Score: 459 | 👾 Exploit Exists | 📰 News Worthy

What is CVE-2025-53967?

CVE-2025-53967 is a critical remote command execution vulnerability that affects the Framelink Figma MCP Server, specifically versions prior to 0.6.3. The Framelink Figma MCP Server is a platform used primarily for managing and processing Figma files, enabling collaboration and design workflows in various organizations. This vulnerability arises from improper input sanitization in a vulnerable endpoint, allowing unauthenticated attackers to send specially crafted HTTP POST requests embedded with shell metacharacters. When these malicious payloads are processed by the server, they enable the attacker to execute arbitrary operating system commands with the privileges associated with the MCP process. This type of exploit requires network access to the MCP interface, making it a serious concern for organizations that utilize this software, as it could lead to unauthorized access and control over the affected systems.

Potential impact of CVE-2025-53967

  1. Arbitrary Command Execution: The vulnerability allows attackers to run arbitrary commands on the server, which could lead to full system compromise, data exfiltration, or manipulation of critical files.

  2. Data Breaches: Exploitation of this vulnerability can result in unauthorized access to sensitive design files and proprietary data. This can severely impact the confidentiality and integrity of sensitive creative assets.

  3. Service Disruption: If exploited, this vulnerability could enable attackers to disrupt server operations, possibly leading to downtime or degraded performance of services relying on the Framelink Figma MCP Server, which can negatively affect ongoing design projects and collaborations.


Affected Version(s)

Framelink Figma MCP Server: all versions before 0.6.3

News Articles

Figma MCP Server Opens Orgs to Agentic AI Compromise

A bug (CVE-2025-53967) in the popular Web design tool's option for talking to agentic AI allows command injection leading to remote code execution (RCE).

Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

Figma MCP flaw CVE-2025-53967 lets attackers execute arbitrary code; patch released in version 0.6.3.


CVSS V3.1

Score: 8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • 👾 Exploit known to exist

  • 📰 First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability reserved