Critical Marimo pre-auth RCE flaw now under active exploitation

Attackers began exploiting a critical remote code execution vulnerability in the Marimo open-source Python notebook platform within 10 hours of its public disclosure. The flaw (CVE-2026-39987) in the /terminal/ws WebSocket endpoint allowed unauthenticated interactive shell access, enabling rapid credential theft observed by Sysdig and prompting Marimo to release version 0.23.0.

Key points

  • Critical RCE in Marimo versions 0.20.4 and earlier via /terminal/ws allowed unauthenticated interactive shell access.
  • Exploitation began within 10 hours of disclosure, with 125 IPs conducting reconnaissance within 12 hours.
  • Attackers conducted manual reconnaissance and harvested .env variables and SSH-related files, stealing credentials in under three minutes.
  • Marimo released patch 0.23.0 and advises blocking /terminal/ws, restricting external access, and rotating exposed secrets.
  • Operators appeared hands-on and focused on quick credential theft without installing persistence or malware.
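
To check whether an exposed instance was reached before the endpoint was blocked, the reverse-proxy access log can be searched for requests to /terminal/ws. The following is an added example, not code from the article or from Marimo; it assumes nginx "combined" log format, a hypothetical list of trusted internal networks, and constructed sample log lines, and it treats HTTP status 101 as an accepted WebSocket upgrade.

```python
import ipaddress
import re
from urllib.parse import unquote, urlsplit

TERMINAL_PATH = "/terminal/ws"  # endpoint named in the article
# Assumption: these ranges are the trusted internal networks.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
# Assumption: nginx "combined" access-log format.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

# Constructed sample lines (documentation-range and private addresses).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Apr/2026:08:14:02 +0000] "GET /terminal/ws HTTP/1.1" 101 0 "-" "-"
10.0.0.5 - - [10/Apr/2026:08:15:10 +0000] "GET /terminal/ws HTTP/1.1" 101 0 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Apr/2026:08:16:44 +0000] "GET /terminal/ws?x=1 HTTP/1.1" 403 153 "-" "-"
198.51.100.23 - - [10/Apr/2026:08:17:01 +0000] "GET /api/status HTTP/1.1" 200 512 "-" "-"
not a log line
"""


def find_terminal_ws_hits(log_text):
    """Return one dict per request that targeted the terminal WebSocket path."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed or unrelated line
        # Drop the query string and decode percent-escapes before comparing.
        path = unquote(urlsplit(m["target"]).path).rstrip("/")
        if not path.endswith(TERMINAL_PATH):  # endswith also covers a base-URL prefix
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # client field is not an IP address
        external = not any(ip in net for net in INTERNAL_NETS)
        if external and m["status"] == "101":
            severity = "investigate"  # upgrade accepted: rotate exposed secrets
        elif external:
            severity = "probe"        # external request that was refused
        else:
            severity = "internal"
        hits.append({"ip": str(ip), "time": m["ts"],
                     "status": int(m["status"]), "severity": severity})
    return hits


if __name__ == "__main__":
    for hit in find_terminal_ws_hits(SAMPLE_LOG):
        print(hit)
```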

Read More: https://www.bleepingcomputer.com/news/security/critical-marimo-pre-auth-rce-flaw-now-under-active-exploitation/