Marimo has a critical vulnerability, CVE-2026-39987, described as a pre-authentication remote code execution flaw affecting all versions up to and including 0.20.4, with a fix released in 0.23.0; it carries a CVSS score of 9.3. The Hacker News reports that Sysdig saw the vulnerability exploited within 10 hours of disclosure, with credential theft carried out within minutes of the attacker's first connection, even though no public proof-of-concept existed at the time.
According to the Marimo maintainers, the flaw lies in the terminal WebSocket endpoint at /terminal/ws, which accepted connections without any authentication check, so an unauthenticated attacker who could reach the server obtained a full PTY shell and could execute arbitrary commands.
Sysdig observed the first exploitation attempt 9 hours and 41 minutes after disclosure: a threat actor connected to a honeypot's /terminal/ws endpoint, performed manual reconnaissance, then harvested the honeypot's .env file and SSH keys.
The unidentified threat actor returned roughly an hour later to access the honeypot's .env contents, and Sysdig assesses that the activity was driven by a human operator, who connected several times over about 90 minutes. According to Sysdig, this rapid weaponisation shows how quickly attackers act on new disclosures and how little time defenders have to patch.