Skip to main content

Forgecode

1 CVEs product

Monthly

CVE-2026-57860 HIGH PATCH This Week

Arbitrary code execution in ForgeCode (tailcallhq/forgecode), an AI pair-programming CLI, occurs because the tool auto-loads and honors a repository's project-local .mcp.json at startup without asking the user. A malicious repository can define mcpServers entries with arbitrary command/args (e.g. bash -c), so simply running the forge CLI inside a cloned untrusted repo spawns attacker-chosen commands as the invoking developer. Reported by VulnCheck with a vendor patch available; no public exploit tool is identified at time of analysis, though the CVE description itself embeds a working payload example.

RCE Forgecode
NVD GitHub
CVSS 4.0
8.4
CVSS 8.4
HIGH PATCH This Week

Arbitrary code execution in ForgeCode (tailcallhq/forgecode), an AI pair-programming CLI, occurs because the tool auto-loads and honors a repository's project-local .mcp.json at startup without asking the user. A malicious repository can define mcpServers entries with arbitrary command/args (e.g. bash -c), so simply running the forge CLI inside a cloned untrusted repo spawns attacker-chosen commands as the invoking developer. Reported by VulnCheck with a vendor patch available; no public exploit tool is identified at time of analysis, though the CVE description itself embeds a working payload example.

RCE Forgecode
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy