Critical Pre‑Auth RCE in Marimo Notebook (CVE‑2026‑39987) Exploited Within Hours
What It Is — Marimo is an open‑source Python notebook platform for data‑science and interactive coding. CVE‑2026‑39987 is a pre‑authentication remote code execution flaw in the /terminal/ws WebSocket endpoint that grants an attacker a full PTY shell without any credentials.
Exploitability — The vulnerability (CVSS 9.3) was weaponized by threat actors within 10 hours of public disclosure; credential theft was completed in under 3 minutes despite the absence of a public PoC. Sysdig observed exploitation 9 hours 41 minutes after the advisory was published.
Affected Products — Marimo ≤ 0.20.4 (open‑source). The issue is patched in version 0.23.0.
TPRM Impact —
- Organizations that embed Marimo in internal analytics pipelines, SaaS products, or managed‑service offerings are exposed to immediate supply‑chain compromise.
- Successful exploitation can lead to credential theft, lateral movement, and potential exfiltration of proprietary data or intellectual property.
Recommended Actions —
- Upgrade all Marimo instances to 0.23.0 or later.
- Restrict network access to the /terminal/ws endpoint (e.g., firewall, API gateway).
- Audit logs for unexpected WebSocket connections and PTY sessions.
- Conduct a threat‑hunt for IOCs associated with the known exploit pattern.
- Review third‑party risk contracts to ensure open‑source component update obligations are enforceable.
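The log-audit action above can be scripted. The following is an added example, not code from Security Affairs or the Marimo project: it scans reverse-proxy access-log lines for requests to /terminal/ws, separates WebSocket upgrades that originate from trusted networks from those that do not, and lists requests to the endpoint that never completed an upgrade (failed or blocked attempts worth a closer look). It assumes a combined log format with the Upgrade request header appended as an extra quoted field (a proxy configuration detail, not something Marimo sets) and a hypothetical set of trusted networks; the sample log lines are constructed.

```python
"""Audit access logs for WebSocket sessions to Marimo's /terminal/ws endpoint (added example)."""
import ipaddress
import re
from collections import defaultdict

# Networks from which interactive terminal use is expected (assumption; adjust to your environment).
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("192.168.0.0/16")]

# Combined log format, optionally followed by the proxy's logged Upgrade header in quotes.
# Lines without that final field still parse; the upgrade then reads as "-".
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"(?: "(?P<upgrade>[^"]*)")?$'
)

# Constructed sample lines: one expected session, one session from outside the trusted
# networks, one request to the endpoint that was rejected, and unrelated traffic.
SAMPLE_LOG = [
    '10.1.2.3 - - [10/Apr/2026:08:00:01 +0000] "GET /terminal/ws HTTP/1.1" 101 0 "-" "Mozilla/5.0" "websocket"',
    '10.1.2.3 - - [10/Apr/2026:08:00:02 +0000] "GET /api/status HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.45 - - [10/Apr/2026:08:05:10 +0000] "GET /terminal/ws HTTP/1.1" 403 0 "-" "python-websockets/12.0" "-"',
    '203.0.113.45 - - [10/Apr/2026:08:05:17 +0000] "GET /terminal/ws?x=1 HTTP/1.1" 101 0 "-" "python-websockets/12.0" "websocket"',
]


def parse_line(line):
    """Return the log fields as a dict, or None if the line does not match the format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    entry["status"] = int(entry["status"])
    entry["upgrade"] = (entry["upgrade"] or "-").lower()
    return entry


def is_terminal_ws(entry):
    """True when the request path (ignoring any query string) is the terminal WebSocket endpoint."""
    path = entry["path"].split("?", 1)[0]
    return path.rstrip("/") == "/terminal/ws"


def is_trusted(ip_text):
    """True when the client address falls inside a trusted network; unparsable addresses are untrusted."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False
    return any(ip in net for net in TRUSTED_NETS)


def classify(entry):
    """Label a parsed entry, or return None for traffic unrelated to /terminal/ws."""
    if not is_terminal_ws(entry):
        return None
    # HTTP 101 or an Upgrade: websocket header means a PTY session was actually opened.
    if entry["status"] == 101 or entry["upgrade"] == "websocket":
        return "trusted-terminal-session" if is_trusted(entry["ip"]) else "untrusted-terminal-session"
    # A request to the endpoint that did not complete the upgrade (blocked, rejected, or a probe).
    return "terminal-request-no-upgrade"


def audit(lines):
    """Group (ip, timestamp, status) tuples by finding label across all parsable lines."""
    findings = defaultdict(list)
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        label = classify(entry)
        if label:
            findings[label].append((entry["ip"], entry["ts"], entry["status"]))
    return dict(findings)


if __name__ == "__main__":
    for label, hits in sorted(audit(SAMPLE_LOG).items()):
        print(label)
        for ip, ts, status in hits:
            print(f"  {ts}  {ip}  HTTP {status}")
```

Run it against real proxy logs by replacing SAMPLE_LOG with the file's lines; any "untrusted-terminal-session" hit on an instance older than 0.23.0 should be treated as a likely compromise and fed into the threat-hunt step rather than just patched over.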
Source: Security Affairs