Unprotected Alternate Channel

CVE-2025-53967

High

8/10

Summary

A Command Injection vulnerability exists in the "get_figma_data tool" of the figma-developer-mcp MCP Server. Unsanitized, attacker-controlled input is interpolated into a shell-invoking "child_process.exec" call, allowing injection of shell metacharacters and arbitrary system commands. Successful exploitation may result in remote code execution with the privileges of the server process, data disclosure, tampering, or Denial-of-Service. This issue affects figma-developer-mcp versions prior to 0.6.3.

Attack Complexity: HIGH
Attack Vector: ADJACENT NETWORK
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-420 - Unprotected Alternate Channel

The software protects a primary channel, but it does not use the same level of protection for an alternate channel.

References

Advisory
Release Note
Pull request

Advisory Timeline

Published Oct 08, 2025

Unprotected Alternate Channel

CVE-2025-53967

Summary

CWE-420 - Unprotected Alternate Channel

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS