Arbitrary Code Execution in ForgeCode CLI by TailcallHQ
CVE-2026-57860
8.4HIGH
What is CVE-2026-57860?
ForgeCode, an AI pair-programming command-line interface by TailcallHQ, has a significant vulnerability that allows untrusted repositories to execute arbitrary commands. When users run the ForgeCode CLI, it automatically loads and executes MCP servers defined in a repository's .mcp.json file without any user confirmation. This process can include malicious entries that specify harmful commands, potentially compromising the user's system by executing commands with their privileges. Developers evaluating untrusted repositories with ForgeCode are particularly at risk, as this vulnerability facilitates initial access and persistence for attackers.
Affected Version(s)
forgecode 2.11.1
