Vulnerability | The Hacker News
9.3 — CRITICAL
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in question is CVE-2026-39987 (CVSS score: 9.3), a pre-authenticated remote code execution vulnerability impacting all versions of Marimo prior to and including
🤖 AI Briefing: Auto-generated threat analysis
🔍 Threat Overview
A critical security vulnerability (CVE-2026-39987, CVSS score: 9.3) in Marimo, an open-source Python notebook, was exploited within 10 hours of public disclosure, posing a significant risk to users of affected systems.
⚙️ Technical Details
Affected Systems
Marimo
Attack Vectors
Pre-authenticated remote code execution vulnerability
Lack of authentication validation in the terminal WebSocket endpoint /terminal/ws
💥 Impact Assessment
Severity: Critical
Who Is at Risk
Users of Marimo prior to and including version 0.23.0
🛡️ Recommended Actions
1. Update to the latest version of Marimo (version 0.23.0 or later)
2. Disable the terminal WebSocket endpoint /terminal/ws until a patch is available
3. Monitor system logs for suspicious activity and report any incidents promptly
📦 Affected Products
Marimo
🔐 NVD Verified Data (verified)
Weaknesses
CWE-306
This is a curated summary. The complete article is available at The Hacker News.