Patch now: A bug (CVE-2025-53967) in a third-party option for connecting Figma to agentic AI can lead to remote code execution (RCE).
First seen on darkreading.com
Jump to article: www.darkreading.com/vulnerabilities-threats/figma-mcp-server-agentic-ai-compromise
