Command Injection Vulnerability in Figma MCP
Summary
A command injection vulnerability (CVE-2025-53967) in the Figma MCP server allows remote code execution. The flaw, stemming from unsanitized user input, was patched in version 0.6.3. The issue affects developers using AI-powered coding agents like Cursor. The vulnerability could be exploited by attackers on the same network or via DNS rebinding attacks. It was discovered by Imperva in July 2025 and was addressed in the latest release. The flaw resides in the 'src/utils/fetch-with-retry.ts' file, where the curl command is constructed using shell command strings, enabling potential remote code execution. The patch replaces 'child_process.exec()' with 'child_process.execFile()' and implements proper input validation. Users should upgrade to Figma MCP version 0.6.3 or higher, audit systems using vulnerable versions, and review logs for suspicious command execution patterns. There are over 15,000 MCP servers in the world, with many misconfigured and lacking authentication or access controls.
Timeline
- 08.10.2025 20:14 · 1 article · 6d ago
  Widespread use of MCP servers and associated security risks
  There are over 15,000 MCP servers in the world, with many misconfigured and lacking authentication or access controls. Security vendors are offering MCP security guides and resources, such as Adversa's MCP vulnerability database.
  Sources:
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- 08.10.2025 13:58 · 2 articles · 7d ago
  Command Injection Vulnerability in Figma MCP Disclosed
  A command injection vulnerability (CVE-2025-53967) in the Figma MCP server was disclosed. The flaw allows remote code execution due to unsanitized user input. The vulnerability was discovered in July 2025 and was patched in version 0.6.3 of figma-developer-mcp. The issue affects developers using AI-powered coding agents like Cursor. The flaw can be exploited by attackers on the same network or via DNS rebinding attacks. The vulnerability resides in the 'src/utils/fetch-with-retry.ts' file, where the curl command is constructed using shell command strings. The flaw allows attackers to execute arbitrary system commands through the get_figma_data tool. The patch replaces 'child_process.exec()' with 'child_process.execFile()' and implements proper input validation.
  Sources:
  - Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now — thehackernews.com — 08.10.2025 13:58
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
Information Snippets
- The vulnerability is tracked as CVE-2025-53967 with a CVSS score of 7.5.
  First reported: 08.10.2025 13:58 · 2 sources, 2 articles
  - Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now — thehackernews.com — 08.10.2025 13:58
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- The flaw allows for remote code execution due to unsanitized user input.
  First reported: 08.10.2025 13:58 · 2 sources, 2 articles
  - Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now — thehackernews.com — 08.10.2025 13:58
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- The issue was discovered by Imperva in July 2025.
  First reported: 08.10.2025 13:58 · 2 sources, 2 articles
  - Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now — thehackernews.com — 08.10.2025 13:58
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- The vulnerability was patched in version 0.6.3 of figma-developer-mcp.
  First reported: 08.10.2025 13:58 · 2 sources, 2 articles
  - Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now — thehackernews.com — 08.10.2025 13:58
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- The flaw resides in the 'src/utils/fetch-with-retry.ts' file.
  First reported: 08.10.2025 13:58 · 1 source, 1 article
  - Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now — thehackernews.com — 08.10.2025 13:58
- The exploit can be triggered by sending a series of requests to the vulnerable MCP.
  First reported: 08.10.2025 13:58 · 2 sources, 2 articles
  - Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now — thehackernews.com — 08.10.2025 13:58
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- The vulnerability can be exploited via DNS rebinding attacks.
  First reported: 08.10.2025 13:58 · 2 sources, 2 articles
  - Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now — thehackernews.com — 08.10.2025 13:58
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- The flaw affects developers using AI-powered coding agents like Cursor.
  First reported: 08.10.2025 13:58 · 2 sources, 2 articles
  - Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now — thehackernews.com — 08.10.2025 13:58
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- The vulnerability allows attackers to execute arbitrary system commands through the get_figma_data tool.
  First reported: 08.10.2025 20:14 · 1 source, 1 article
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- The flaw arises from a lack of user input validation and sanitization, leading to indirect prompt injection.
  First reported: 08.10.2025 20:14 · 1 source, 1 article
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- The patch replaces 'child_process.exec()' with 'child_process.execFile()' and implements proper input validation.
  First reported: 08.10.2025 20:14 · 1 source, 1 article
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- Users should upgrade to Figma MCP version 0.6.3 or higher, audit systems using vulnerable versions, and review logs for suspicious command execution patterns.
  First reported: 08.10.2025 20:14 · 1 source, 1 article
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- There are over 15,000 MCP servers in the world, with many misconfigured and lacking authentication or access controls.
  First reported: 08.10.2025 20:14 · 1 source, 1 article
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
- Security vendors are offering MCP security guides and resources, such as Adversa's MCP vulnerability database.
  First reported: 08.10.2025 20:14 · 1 source, 1 article
  - Figma MCP Server Opens Orgs to Agentic AI Compromise — www.darkreading.com — 08.10.2025 20:14
Similar Happenings
Active exploitation of authentication bypass in Service Finder WordPress theme
Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme, allowing them to bypass authentication and gain administrative access. The flaw, tracked as CVE-2025-5947, affects versions 6.0 and older and has been exploited since September 2025. The vulnerability is present in the Service Finder Bookings plugin bundled with the Service Finder theme. Over 13,800 exploitation attempts have been recorded since August 2025, with a surge of over 1,500 attempts daily in late September. The flaw affects over 6,100 customers using the theme. Administrators are advised to update to version 6.1 or stop using the theme to mitigate the risk.
Meteobridge Command Injection Vulnerability Exploited in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a high-severity command injection vulnerability (CVE-2025-4008) in Smartbedded Meteobridge as actively exploited in the wild. The flaw, with a CVSS score of 8.7, allows remote unauthenticated attackers to execute arbitrary code with elevated privileges on affected devices. The vulnerability resides in the Meteobridge web interface, specifically in the template.cgi script, which is vulnerable due to insecure use of eval calls. The flaw was discovered and reported by ONEKEY in February 2025 and was addressed in Meteobridge version 6.2, released on May 13, 2025. The vulnerability can be exploited through specially crafted requests and malicious webpages, posing a significant risk to users. Federal Civilian Executive Branch (FCEB) agencies are required to apply necessary updates by October 23, 2025, to mitigate the risk.
Command injection flaw in Libraesva ESG exploited by state actors
Libraesva has released an emergency update for its Email Security Gateway (ESG) solution to address a command injection vulnerability (CVE-2025-59689). This flaw, exploited by a state-sponsored actor, allows arbitrary shell command execution via a crafted email attachment. The vulnerability affects all versions from 4.5 onwards and has been patched in versions 5.0.31, 5.1.20, 5.2.31, 5.3.16, 5.4.8, and 5.5.7. The exploit was discovered and patched within 17 hours of detection. The vulnerability is triggered by improper sanitization of compressed archive formats, enabling non-privileged users to execute arbitrary commands. The patch includes a sanitization fix, automated scans for indicators of compromise, and a self-assessment module to verify the update's application. The vulnerability has a CVSS score of 6.1, indicating medium severity. Libraesva has identified one confirmed incident of abuse by a foreign hostile state entity. Customers using versions below 5.0 must upgrade manually to a supported release, as they have reached end-of-life and will not receive a patch for CVE-2025-59689.
Critical deserialization flaw in GoAnywhere MFT (CVE-2025-10035) patched
The critical deserialization vulnerability (CVE-2025-10035) in GoAnywhere MFT has been actively exploited by the cybercrime group Storm-1175 in Medusa ransomware attacks since at least September 11, 2025. This flaw, rated 10.0 on the CVSS scale, allows for arbitrary command execution if the system is publicly accessible over the internet. Fortra has released patches in versions 7.8.4 and 7.6.3. The vulnerability was disclosed on September 18, 2025, but exploitation began a week earlier. The Shadowserver Foundation is monitoring over 513 GoAnywhere MFT instances exposed online, although the number of patched instances is unknown. The flaw impacts the same license code path as the earlier CVE-2023-0669, which was widely exploited by multiple ransomware and APT groups in 2023, including LockBit. The vulnerability enables an attacker to bypass signature verification by crafting a forged license response signature, allowing the deserialization of arbitrary, attacker-controlled objects. Successful exploitation could result in command injection and potential remote code execution (RCE) on the affected system. The threat actor used legitimate remote monitoring and management (RMM) tools SimpleHelp and MeshAgent to launch binaries following exploitation. The threat actor utilized RMM tools to establish command-and-control (C2) infrastructure and set up a Cloudflare tunnel for secure C2 communication. The deployment and execution of Rclone was observed in at least one victim environment during the exfiltration stage. Medusa ransomware has over 300 global victims in critical infrastructure sectors, including a confirmed attack on a US healthcare organization in early 2025. Fortra began investigating the vulnerability on September 11, 2025, following a customer report. Fortra contacted on-premises customers with publicly accessible admin consoles and notified law enforcement on September 11, 2025. A hotfix for versions 7.6.x, 7.7.x, and 7.8.x was released on September 12, 2025. Full patches for versions 7.6.3 and 7.8.4 were released on September 15, 2025. The CVE for the vulnerability was formally published on September 18, 2025. Fortra confirmed a limited number of reports of unauthorized activity related to CVE-2025-10035. Fortra recommends restricting admin console access over the internet and enabling monitoring. watchTowr CEO and founder Benjamin Harris reiterated the need for transparency from Fortra regarding the private keys used in the exploit.
SAP S/4HANA Command Injection Vulnerability CVE-2025-42957 Exploited in the Wild
A critical command injection vulnerability in SAP S/4HANA, tracked as CVE-2025-42957, is actively exploited in the wild. The flaw allows attackers with low-privileged user access to execute arbitrary ABAP code, potentially leading to full system compromise. The vulnerability affects both on-premise and Private Cloud editions of SAP S/4HANA. The flaw was patched in SAP's August 2025 updates, but exploitation has been observed. SecurityBridge Threat Research Labs, BleepingComputer, and Pathlock have reported active exploitation. Organizations are advised to apply patches, monitor logs for suspicious RFC calls or new admin users, implement SAP's Unified Connectivity framework (UCON) to restrict RFC usage, and take additional security measures to mitigate the risk.