CVE-2026-39987

Description

marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSocket endpoints (e.g., /ws) that correctly call validate_auth() for authentication, the /terminal/ws endpoint only checks the running mode and platform support before accepting connections, completely skipping authentication verification. This vulnerability is fixed in 0.23.0.

Proof of Concept (POC) Links

Explore how this vulnerability can be reproduced or exploited.

https://github.com/marimo-team/marimo/security/advisories/GHSA-2679-6mx9-h9xc https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-39987 https://www.sysdig.com/blog/marimo-oss-python-notebook-rce-from-disclosure-to-exploitation-in-under-10-hours