Cybersecurity experts have identified an active exploitation of a critical vulnerability in the Marimo open-source reactive Python notebook platform, occurring just hours after its public disclosure. This flaw, known as CVE-2026-39987, enables remote code execution without the need for authentication in Marimo versions 0.20.4 and earlier. It has been assigned a critical severity score of 9.3 out of 10 by GitHub. Researchers from cloud-security firm Sysdig reported that attackers quickly developed an exploit based on the developer's advisory and began using it to exfiltrate sensitive data.
Marimo, a widely used Python notebook environment favored by data scientists and developers, is at risk due to a WebSocket endpoint that improperly handles authentication. This vulnerability allows unauthorized access to an interactive terminal with the same privileges as the Marimo process itself. The flaw was publicly disclosed by Marimo on April 8, and version 0.23.0 was released to address the issue.
Sysdig's research revealed that within 12 hours of the vulnerability's disclosure, over 125 IP addresses were detected conducting reconnaissance activities. The first exploitation attempt, aimed at credential theft, occurred just 10 hours after the details became public. Attackers first confirmed the vulnerability by executing scripted commands and then manually conducted reconnaissance, targeting valuable credentials such as cloud credentials and SSH keys stored in .env files.
The attack was notable for its speed and precision, with the entire credential access phase lasting under three minutes. The attackers' focus on high-value data, without attempting to install persistent malware or backdoors, indicates a calculated and stealthy approach. Marimo users are strongly advised to upgrade to version 0.23.0, monitor WebSocket connections, restrict network access, and rotate exposed secrets to mitigate the risk of exploitation. For those unable to upgrade immediately, blocking access to the vulnerable endpoint is a recommended interim solution.


