
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

A critical remote code execution vulnerability in the open-source Marimo Python notebook was exploited by attackers less than ten hours after the security flaw was publicly disclosed.

Key Points

  • The vulnerability, tracked as CVE-2026-39987, carries a high CVSS score of 9.3 and affects all Marimo versions up to 0.20.4.
  • Attackers exploited a missing authentication check in the /terminal/ws WebSocket endpoint to gain full PTY shell access and execute arbitrary system commands.
  • Security firm Sysdig observed an unknown threat actor manually harvesting sensitive data, including .env files and SSH keys, from a honeypot system.
  • Marimo maintainers have released version 0.23.0 to address the security flaw and urge all users to update their instances immediately.
  • The rapid exploitation occurred despite the absence of a public proof-of-concept, highlighting the speed at which attackers weaponize technical advisories.
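An added detection helper, not code from the article or from the Marimo project, for the two defensive checks the points above imply: it scans reverse-proxy access logs for completed WebSocket handshakes on /terminal/ws that came from outside a trusted network, and it flags an installed Marimo version that is older than the fixed release. The log format, the sample lines and the trusted address ranges are assumptions made for the example.

```python
import ipaddress
import re

# Constructed sample lines in a common Apache/nginx-style access-log format
# (an assumption; adapt LOG_RE to the proxy that fronts your Marimo instance).
SAMPLE_LOG = """\
127.0.0.1 - - [20/Mar/2026:08:01:12 +0000] "GET /terminal/ws HTTP/1.1" 101 0 "-" "Mozilla/5.0"
203.0.113.7 - - [20/Mar/2026:08:14:03 +0000] "GET /terminal/ws HTTP/1.1" 101 0 "-" "python-websockets/12.0"
203.0.113.7 - - [20/Mar/2026:08:14:09 +0000] "GET /terminal/ws?x=1 HTTP/1.1" 403 0 "-" "curl/8.5"
198.51.100.2 - - [20/Mar/2026:09:02:44 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

def find_terminal_ws_hits(log_text, trusted=("127.0.0.0/8", "::1/128")):
    """Completed (HTTP 101) WebSocket handshakes on /terminal/ws from
    addresses outside the trusted networks."""
    nets = [ipaddress.ip_network(n) for n in trusted]
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        # Only a 101 Switching Protocols response means a terminal session
        # was actually established; rejected attempts are not counted here.
        if m["path"].split("?", 1)[0] != "/terminal/ws" or m["status"] != "101":
            continue
        if any(ipaddress.ip_address(m["ip"]) in net for net in nets):
            continue
        hits.append({"ip": m["ip"], "time": m["ts"]})
    return hits

def is_unpatched(version):
    """True below 0.23.0, the release the article names as the fix. The article
    lists versions up to 0.20.4 as affected; anything older than the fixed
    release is treated as exposed (a conservative assumption)."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(x) for x in m.groups()) < (0, 23, 0)

if __name__ == "__main__":
    for hit in find_terminal_ws_hits(SAMPLE_LOG):
        print(f"ALERT: terminal session opened from {hit['ip']} at {hit['time']}")
    for v in ("0.20.4", "0.23.0"):
        print(v, "unpatched" if is_unpatched(v) else "patched")
```

Run it against the proxy logs of any Marimo instance that was reachable during the exposure window; a hit from an untrusted address is a reason to rotate the secrets the article says were harvested (.env contents, SSH keys).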

Why it Matters

This incident demonstrates that threat actors are actively monitoring security disclosures to target even niche, internet-facing applications before administrators can apply patches. The shrinking window between disclosure and exploitation forces organizations to prioritize rapid vulnerability management to prevent unauthorized access to sensitive system credentials.
Published by info@thehackernews.com (The Hacker News)