Critical Marimo Pre-Auth RCE Flaw Now Under Active Exploitation

Related

Hackers Exploit Critical Auth Bypass in Gitea Docker Image

What happened Hackers are actively exploiting a critical authentication bypass...

Zimbra Urges Customers to Patch Critical Web Client XSS Flaw

What happened Zimbra urged customers to patch a critical stored...

Progress Urges ShareFile Customers to Shut Down Servers Over Credible Threat

What happened Progress Software warned ShareFile customers using Storage Zone...

Ubiquiti Discloses 25 Security Flaws Across UniFi Ecosystem

What happened Ubiquiti disclosed 25 security vulnerabilities affecting products across...

AirDrop and Quick Share Flaws Allow Attackers to Crash Nearby Devices

What happened Security researchers disclosed multiple vulnerabilities affecting Apple AirDrop...

Share

What happened

A critical vulnerability in the open-source Python notebook platform Marimo is now under active exploitation, with attackers moving quickly after public disclosure. The flaw, tracked as CVE-2026-39987, affects Marimo versions 0.20.4 and earlier and can allow remote code execution without authentication. The issue stems from the /terminal/ws WebSocket endpoint exposing an interactive terminal without proper authentication checks, giving an unauthenticated attacker shell access with the same privileges as the Marimo process. Marimo disclosed the flaw on April 8 and released version 0.23.0 to address it. Researchers observed exploitation less than 10 hours after disclosure, with attackers validating access, running reconnaissance commands, and stealing data such as environment variables, cloud credentials, application secrets, and attempts at SSH-related files. 

Who is affected

The direct exposure affects organizations and users running Marimo versions 0.20.4 and earlier, especially deployments exposed to shared networks while in edit mode or configured with –host 0.0.0.0. The observed attacks focused on exposed Marimo instances that allowed unauthenticated access to the vulnerable WebSocket endpoint. 

Why CISOs should care

This matters because the flaw gives attackers direct shell access without logging in, and exploitation began almost immediately after public disclosure. The observed activity also shows that attackers are prioritizing fast theft of high-value secrets such as .env contents, cloud credentials, and application secrets rather than noisy follow-on actions like persistence or cryptomining. 

3 practical actions

Upgrade immediately: Move affected Marimo deployments to version 0.23.0 without delay. 

Monitor the exposed endpoint: Review WebSocket activity to /terminal/ws and investigate any unexpected or unauthenticated connections. 

Rotate exposed secrets: Treat .env values, cloud credentials, application secrets, and any reachable SSH material as potentially exposed if vulnerable systems were internet-accessible. 

For more news about security flaws under active exploitation, click Vulnerability to read more.

IMG 0514 2
+ posts

John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.