Pre-Authentication Remote Code Execution in Marimo Python Notebook
CVE-2026-39987

9.3 CRITICAL

Key Information:

CVE Published: 9 April 2026

Badges

  • 📈 Trended (score: 3,480)
  • 💰 Ransomware
  • 👾 Exploit exists
  • 🟡 Public PoC
  • 🟣 EPSS 55%
  • 🦅 CISA reported
  • 📰 Newsworthy

What is CVE-2026-39987?

CVE-2026-39987 is a critical vulnerability in the Marimo Python Notebook, a reactive programming environment for Python with an interactive notebook interface. It is a Pre-Authentication Remote Code Execution (RCE) flaw: the WebSocket endpoint used for terminal access, /terminal/ws, does not validate authentication before serving a connection. Because the endpoint applies no security check, an unauthenticated attacker can connect and obtain a full pseudoterminal (PTY) shell, and from there execute arbitrary system commands with no user authentication at all. For organizations running Marimo, exploitation of this vulnerability can lead to complete system compromise, data theft, and unauthorized changes to critical system configuration.
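The root cause described above is a general bug class: an authentication gate that is applied to ordinary HTTP requests but never runs for WebSocket upgrades, so a route like /terminal/ws is reachable without credentials. The following is an added example, not marimo's code or its fix. It is a pure-ASGI (framework-free) demonstration in which a hypothetical bearer token, header check and stand-in terminal endpoint are all constructed for the demo; it shows the weak "HTTP-only" gate beside a gate that also covers the "websocket" scope, and a small driver that feeds each one a simulated upgrade to /terminal/ws.

```python
# Added example, not marimo's code: how an auth gate that only inspects
# HTTP scopes leaves a WebSocket route such as /terminal/ws open, beside
# a gate that also covers the "websocket" scope.  Pure ASGI, no framework.
import asyncio

SESSION_TOKEN = "constructed-demo-token"  # constructed value, not a real secret


def _header(scope, name):
    """Return one header from an ASGI scope (headers are (bytes, bytes) pairs)."""
    for key, value in scope.get("headers", []):
        if key == name.encode():
            return value.decode()
    return None


def is_authenticated(scope):
    """Hypothetical check: a bearer token in the Authorization header."""
    return _header(scope, "authorization") == f"Bearer {SESSION_TOKEN}"


async def terminal_ws(scope, receive, send):
    """Stand-in for the PTY bridge: accepts the socket and stops there."""
    event = await receive()
    if event["type"] != "websocket.connect":
        return
    await send({"type": "websocket.accept"})
    # A real terminal endpoint would now shuttle bytes to and from a PTY.


async def router(scope, receive, send):
    """Minimal router: only the /terminal/ws WebSocket route exists here."""
    if scope["type"] == "websocket" and scope["path"] == "/terminal/ws":
        await terminal_ws(scope, receive, send)
    elif scope["type"] == "websocket":
        await send({"type": "websocket.close", "code": 1003})
    else:
        await send({"type": "http.response.start", "status": 404, "headers": []})
        await send({"type": "http.response.body", "body": b"not found"})


class HttpOnlyAuthMiddleware:
    """Weak pattern: only HTTP scopes are gated, so a WebSocket upgrade falls through to the app."""

    def __init__(self, app):
        self.app = app

    async def __call__(self, scope, receive, send):
        if scope["type"] == "http" and not is_authenticated(scope):
            await send({"type": "http.response.start", "status": 401, "headers": []})
            await send({"type": "http.response.body", "body": b"unauthorized"})
            return
        await self.app(scope, receive, send)


class AuthMiddleware:
    """Hardened pattern: every scope type that carries a request is gated before the app sees it."""

    def __init__(self, app):
        self.app = app

    async def __call__(self, scope, receive, send):
        if scope["type"] in ("http", "websocket") and not is_authenticated(scope):
            if scope["type"] == "websocket":
                # Closing before accept makes the ASGI server reject the upgrade (HTTP 403).
                await send({"type": "websocket.close", "code": 1008})
            else:
                await send({"type": "http.response.start", "status": 401, "headers": []})
                await send({"type": "http.response.body", "body": b"unauthorized"})
            return
        await self.app(scope, receive, send)


async def _drive_ws(app, headers):
    """Simulate one WebSocket connection to /terminal/ws; return the first event the app sends."""
    scope = {"type": "websocket", "path": "/terminal/ws", "headers": headers}
    sent = []

    async def receive():
        return {"type": "websocket.connect"}

    async def send(message):
        sent.append(message)

    await app(scope, receive, send)
    return sent[0]["type"] if sent else "none"


def first_ws_event(middleware, authenticated):
    """Wrap the router in `middleware` and report how it answers an (un)authenticated upgrade."""
    headers = [(b"authorization", f"Bearer {SESSION_TOKEN}".encode())] if authenticated else []
    return asyncio.run(_drive_ws(middleware(router), headers))


if __name__ == "__main__":
    print("http-only gate, no credentials :", first_ws_event(HttpOnlyAuthMiddleware, False))
    print("full gate, no credentials      :", first_ws_event(AuthMiddleware, False))
    print("full gate, with credentials    :", first_ws_event(AuthMiddleware, True))
```

Run it and the weak gate answers an unauthenticated upgrade with `websocket.accept`, which is exactly the shape of the flaw this page describes, while the hardened gate closes the socket before it is ever accepted. The practical check for any ASGI or WSGI-plus-WebSocket deployment is the same: confirm that the authentication layer runs for the "websocket" scope (or the equivalent upgrade path), not only for HTTP requests.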

Potential impact of CVE-2026-39987

  1. Unauthorized System Access: The vulnerability allows attackers to obtain a full PTY shell, which means they can execute any command on the host machine. This level of access can lead to various malicious activities, including data exfiltration, modification of system configurations, and installation of malware.

  2. Operational Disruption: An attacker exploiting this vulnerability could disrupt normal operations by executing commands that impact system stability, such as stopping services or deleting critical files. This potential for operational downtime could have severe repercussions for businesses relying on the availability of their services.

  3. Data Breach Risks: The ability to execute arbitrary commands may enable the attacker to access sensitive data stored on the system, resulting in potential data breaches. This not only affects the confidentiality of organizational data but can also lead to compliance issues and damage to reputation.

CISA has reported CVE-2026-39987

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2026-39987 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change quickly, as recent news articles suggest the vulnerability is being used by ransomware groups.

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

marimo < 0.23.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

News Articles

Attackers Weaponize CVE-2026-39987 to Spread Blockchain-Based Backdoor Via Hugging Face - IT Security News

A critical vulnerability in the marimo Python notebook platform is now being actively used by attackers to deploy a blockchain-powered backdoor on developer systems. The flaw, tracked as CVE-2026-39987, allows remote code execution without authentication, making it a dangerous entry…

2 weeks ago

Weaponized CVE-2026-39987 Pushes Blockchain Backdoor Through Hugging Face - IT Security News

Attackers are rapidly exploiting CVE-2026-39987 in the marimo Python notebook platform to deploy a new NKAbuse backdoor variant hosted on Hugging Face Spaces, turning AI/ML developer environments into high‑value infection points. The campaign combines pre-auth RCE, credential theft, lateral movement...

2 weeks ago

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces.

2 weeks ago

EPSS Score

55% chance of being exploited in the next 30 days.

CVSS V4

Score: 9.3
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • 🦅 CISA Reported
  • 💰 Used in Ransomware
  • 📈 Vulnerability started trending
  • 🟡 Public PoC available
  • 👾 Exploit known to exist
  • 📰 First article discovered by Securityweek
  • Vulnerability published
  • Vulnerability Reserved
