
Figma MCP version 0.6.3 remediation guidance

Advisory/Mitigation
Happening score: 25
1 unique source, 1 article

Summary


Users of Figma MCP were told to upgrade to version 0.6.3 or higher to reduce exposure to a command-injection flaw that could enable remote code execution. The remediation also calls for an audit of vulnerable systems so operators can find affected deployments. Teams are further advised to review logs for suspicious command execution patterns to spot possible abuse.

Related Happenings

MCP STDIO arbitrary command execution security flaw

Vulnerability
First: 16.04.2026 12:40 · Last: 16.04.2026 12:40 · Sources: 1

About this happening: A **critical MCP flaw** in the **STDIO interface** can trigger **arbitrary command execution**, putting **connected AI systems** at risk of **data exposure** and **system takeover...

Anthropic security patch release for CVE-2025-68143

Security Patch Release
First: 20.01.2026 17:01 · Last: 20.01.2026 17:01 · Sources: 1

About this happening: **Anthropic** released **December 2025** fixes for **mcp-server-git** vulnerabilities affecting default installations, closing flaws that could enable **prompt injection**, **code...

Mcp-server-git path traversal and argument injection flaws (multiple vulnerabilities)

Vulnerability
First: 20.01.2026 15:55 · Last: 20.01.2026 15:55 · Sources: 1

About this happening: **Anthropic's mcp-server-git** now has **three disclosed vulnerabilities** that can enable **arbitrary file read/delete** and **code execution** in affected deployments. The issue...

Figma-developer-mcp MCP server command injection (CVE-2025-53967)

Vulnerability
First: 08.10.2025 13:58 · Last: 08.10.2025 13:58 · Sources: 1

How related: the "figma-developer-mcp" npm package has a bug (CVE-2025-53967; CVSS 7.5) that allows attackers to execute arbitrary system commands through the get_figma_data tool.

About this happening: **figma-developer-mcp** has a **now-patched command injection** flaw, **CVE-2025-53967**, that can let attackers execute arbitrary commands and reach **remote code execution**. Th...

Checkmarx Zero LITL prompt-injection analysis against Anthropic Claude Code

Technical Analysis
First: 15.09.2025 12:11 · Last: 15.09.2025 12:11 · Sources: 1

About this happening: Researchers demonstrated **lies-in-the-loop (LITL)**, a **prompt-injection** technique that can trick **Anthropic's Claude Code** into approving dangerous actions, expanding risk...

Timeline

  1. 08.10.2025 20:14 · 1 article · 7 months ago

    CVE-2025-53967 disclosure in Figma MCP

    Initial Disclosure

    Researchers identified a high-severity command injection flaw in the figma-developer-mcp npm package, tracked as CVE-2025-53967 and rated CVSS 7.5, where unvalidated user input reaches `child_process.exec()` through the `get_figma_data` tool and can enable arbitrary system commands, remote code execution, and system compromise in Figma MCP deployments.

  2. 08.10.2025 20:14 · 2 articles · 7 months ago

    Figma MCP 0.6.3 remediation guidance

    Mitigation Patch Update

    The recommended remediation for Figma MCP deployments is to upgrade to version 0.6.3 or higher, replace `child_process.exec()` with `child_process.execFile()`, enforce input validation, audit systems still running vulnerable versions, and review logs for suspicious command execution patterns.
