OS command injection
-
Patched command injection in Figma MCP server could allow remote code execution, researchers say
A command injection bug in the figma-developer-mcp Model Context Protocol server, tracked as CVE-2025-53967 and scored 7.5, could allow remote code execution by interpolating unvalidated input into shell commands; the issue was fixed in version 0.6.3 and researchers recommend avoiding child_process.exec with untrusted data.
-
State-backed hackers exploited Libraesva ESG flaw; vendor issues urgent patch
Libraesva disclosed a state-sponsored exploitation of a vulnerability in its Email Security Gateway (ESG), tracked as CVE-2025-59689. The flaw, a command injection triggered by specially crafted compressed attachments, affects ESG versions 4.5 through 5.5.x before 5.5.7. Patches are available, and end-of-support for older builds mandates manual upgrades.
-
Fortra patches critical GoAnywhere MFT flaw; admins urged to restrict internet exposure of Admin Console
Fortra has issued patches for a critical GoAnywhere MFT vulnerability (CVE-2025-10035) that could enable remote command injection via deserialization. The company urges administrators to secure Admin Console access and apply the latest updates, as Shadowserver tracks hundreds of GoAnywhere instances and exposure continues to be a concern.
-
CISA Adds Two N-able N-central Vulnerabilities to KEV; MSP Patch Push Underway
U.S. authorities added two vulnerabilities in N-able N-central to the Known Exploited Vulnerabilities catalog, while noting no public exploitation has been reported. The flaws—CVE-2025-8875 (insecure deserialization) and CVE-2025-8876 (command injection)—require authentication and have been patched in N-central versions 2025.3.1 and 2024.6 HF2, with upgrades urged for on-premises deployments.
-
Fortinet patches critical FortiSIEM vulnerability CVE-2025-25256 as exploit code surfaces in the wild
Fortinet issued patches for a critical FortiSIEM vulnerability (CVE-2025-25256) after exploit code appeared in the wild. The flaw enables unauthenticated code execution through crafted CLI requests across multiple FortiSIEM versions. Upgrades to fixed releases are recommended, and administrators should limit access to the phMonitor port if upgrades are not feasible. Indicator coverage may be limited…
