PT-2026-31594 · Marimo · Marimo

Published: 2026-04-08 · Updated: 2026-04-14 · CVE-2026-39987

CVSS v4.0: 9.3 (Critical)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Marimo versions prior to 0.23.0

Description: Marimo, a reactive Python notebook, contains a pre-authentication remote code execution (RCE) vulnerability in the '/terminal/ws' WebSocket endpoint. This endpoint performs no authentication check, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike the other WebSocket endpoints, which correctly implement authentication checks, the '/terminal/ws' endpoint skips them and accepts connections without verification. The vulnerability was exploited within 10 hours of public disclosure, with attackers gaining shell access and attempting to extract sensitive data. The vulnerability is fixed in version 0.23.0.

Recommendations: Update to version 0.23.0 or later.
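As an added defensive example (not from the advisory or from the marimo project): a stdlib-only Python hunt over web-server access logs for completed WebSocket upgrades (HTTP 101) to the '/terminal/ws' endpoint from outside the trusted network. The combined-log format, the sample lines and the trusted address ranges are assumptions; adjust them to the deployment being reviewed.

```python
import ipaddress
import re
from collections import Counter

# Assumed combined log format: client, request line, status. Not marimo's own log format.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)

# Assumed trusted ranges (loopback and RFC 1918); tune per deployment.
TRUSTED_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128",
)]


def is_external(addr: str) -> bool:
    """True when the source address is outside every trusted range."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return True  # unparseable source: treat as untrusted
    return not any(ip in net for net in TRUSTED_NETS)


def find_terminal_ws_upgrades(lines, external_only=True):
    """Return (client, timestamp) for every completed upgrade to /terminal/ws.

    A 101 on this path means the server handed out a terminal session; on
    marimo < 0.23.0 no credentials were needed, so external hits need review.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]  # drop any query string
        if path != "/terminal/ws" or m.group("status") != "101":
            continue
        if external_only and not is_external(m.group("client")):
            continue
        hits.append((m.group("client"), m.group("ts")))
    return hits


def summarize(hits):
    """Count successful terminal upgrades per source address."""
    return Counter(client for client, _ in hits)


# Constructed sample lines, not real traffic (203.0.113.0/24 is a documentation range).
SAMPLE_LOG = [
    '127.0.0.1 - - [08/Apr/2026:10:01:02 +0000] "GET /terminal/ws HTTP/1.1" 101 0',
    '203.0.113.7 - - [08/Apr/2026:10:05:44 +0000] "GET /terminal/ws HTTP/1.1" 101 0',
    '203.0.113.7 - - [08/Apr/2026:10:05:45 +0000] "GET /terminal/ws?x=1 HTTP/1.1" 101 0',
    '198.51.100.9 - - [08/Apr/2026:10:06:10 +0000] "GET /ws HTTP/1.1" 101 0',
    '198.51.100.9 - - [08/Apr/2026:10:06:12 +0000] "GET /terminal/ws HTTP/1.1" 403 0',
]

if __name__ == "__main__":
    for client, count in summarize(find_terminal_ws_upgrades(SAMPLE_LOG)).items():
        print(f"{client}: {count} terminal session(s) opened from outside the trusted network")
```

Any external hit on a host still running a version below 0.23.0 should be treated as a likely shell session and triaged accordingly.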

Tags: Fix · RCE · Missing Authentication

Weakness Enumeration

Related Identifiers

CVE-2026-39987
GHSA-2679-6MX9-H9XC

Affected Products

Marimo