Critical Marimo Vulnerability Exploitation Following Recent Exposure
Marimo Flaw Exploited Rapidly After Public Disclosure
The maintainers of Marimo, an open-source reactive notebook for Python, publicly disclosed a critical-severity vulnerability identified as CVE-2026-39987 on April 8.
- The flaw carries a CVSS score of 9.3, indicating its severity.
- Cloud security firm Sysdig reported that an attacker created an exploit for this vulnerability just nine hours and 41 minutes after the public disclosure.
Background Information
Marimo is designed to ensure consistency in code, outputs, and program state, and its popularity is evident with around 20,000 stars on GitHub.
According to Sysdig, “The critical nature of the flaw lies in the lack of authentication validation in the terminal WebSocket endpoint.”
Attack Details
The first exploitation of the bug occurred shortly after the advisory was published, despite there being no publicly available proof-of-concept (PoC).
- The attacker successfully created a working exploit, connected to the vulnerable terminal endpoint, and began manually exploring the compromised environment.
- During the attack, the threat actor accessed the vulnerable terminal WebSocket endpoint, performed manual reconnaissance, and then returned to exfiltrate credential-containing files.
- They even attempted to read every file in the targeted directory and searched for SSH keys.
- The entire operation was completed within three minutes.
Affected Versions
All Marimo releases up to version 0.20.4 are affected by the CVE-2026-39987 vulnerability.
Users are strongly advised to update to version 0.23.0 or newer, which includes patches for the bug.
About Author
English