Critical Marimo Flaw Exploited in Under 10 Hours

The Window to Act Is Shrinking

What is it?

A critical vulnerability (CVE-2026-39987, CVSS 9.3) has been identified in Marimo, an open-source Python notebook used for data science and analysis.

The flaw allows pre-authenticated remote code execution (RCE)—meaning attackers don’t need login credentials to take control.

At the center of the issue is the /terminal/ws WebSocket endpoint, which fails to validate authentication. While other endpoints properly verify access, this one skips the check entirely.

The result?
An attacker can establish a connection and gain a full interactive shell, giving them the ability to:

• Execute system commands
• Browse files
• Extract sensitive data
• Access environment variables and credentials

The vulnerability affects all versions up to 0.20.4 and has been patched in 0.23.0.

Why should you care?

Because the timeline has changed—and not in your favor.

According to findings from Sysdig, exploitation began within 9 hours and 41 minutes of public disclosure.

No proof-of-concept exploit was released.
No automation kits were available.

An attacker simply read the advisory… and built the exploit themselves.

What the attack looked like:

• Connected to the exposed /terminal/ws endpoint
• Performed manual reconnaissance of the system
• Searched for .env files, SSH keys, and sensitive configs
• Returned multiple times over 90 minutes to validate findings

This wasn’t spray-and-pray automation.
This was a hands-on keyboard attack, fast and deliberate.

The Bigger Problem: Exploits Are Moving Faster Than Ever

This incident highlights a growing reality in cybersecurity:

The gap between vulnerability disclosure and active exploitation is collapsing.

What used to take days or weeks is now happening in hours—or less.

Threat actors are:

• Monitoring disclosures in real time
• Rapidly reverse-engineering advisories
• Targeting systems before patches are widely applied

And critically:

It’s not just major platforms anymore.

Even niche or lesser-known tools—like Marimo—are now immediate targets if they’re exposed to the internet.

What can you do?

This is where strong fundamentals matter more than ever.

1. Patch Immediately

If you’re using Marimo:

• Upgrade to version 0.23.0 or later right away

Delays are no longer safe.

2. Eliminate Unnecessary Exposure

• Do not expose development tools or notebooks to the public internet
• Restrict access using VPNs or internal-only networks

3. Enforce Authentication Everywhere

• Audit all endpoints—not just the obvious ones
• Ensure authentication checks are consistently applied

4. Monitor for Suspicious Activity

Watch for:

• Unexpected WebSocket connections
• Access to .env files or sensitive directories
• Repeated connection attempts over short intervals

5. Assume Disclosure = Active Threat

The old mindset:

“We have time after a vulnerability is announced.”

The new reality:

“Attackers are already trying to exploit it.”

The Bottom Line

The Marimo vulnerability isn’t just about one tool—it’s a warning.

The speed of exploitation is accelerating, and the margin for response is shrinking.
If a system is exposed and unpatched, it’s already at risk.