Arbitrary Code Execution in ForgeCode CLI by TailcallHQ
CVE-2026-57860

8.4HIGH

Key Information:

Vendor

Tailcallhq

Status
Vendor
CVE Published:
17 July 2026

What is CVE-2026-57860?

ForgeCode, an AI pair-programming command-line interface by TailcallHQ, has a significant vulnerability that allows untrusted repositories to execute arbitrary commands. When users run the ForgeCode CLI, it automatically loads and executes MCP servers defined in a repository's .mcp.json file without any user confirmation. This process can include malicious entries that specify harmful commands, potentially compromising the user's system by executing commands with their privileges. Developers evaluating untrusted repositories with ForgeCode are particularly at risk, as this vulnerability facilitates initial access and persistence for attackers.

Affected Version(s)

forgecode 2.11.1

References

CVSS V4

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Saad ELHARAJ (SAAITAAMAA)
.