Tags: vulnerability · critical · Remote Code Execution · CVE-2026-39987

Apr 10, 2026 • The Hacker News

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

Source: The Hacker News
Category: vulnerability
Severity: critical

Executive Summary

A critical remote code execution vulnerability (CVE-2026-39987, CVSS 9.3) in Marimo, an open-source Python notebook for data science, has been actively exploited within 10 hours of public disclosure. The flaw is a pre-authenticated RCE affecting all versions prior to and including the current release. Security researchers at Sysdig discovered the rapid weaponization of this vulnerability, highlighting the increasingly short window between disclosure and active exploitation in the wild. Organizations using Marimo should immediately patch to the latest version to prevent potential compromise. This incident underscores the critical importance of rapid patching cycles for high-severity vulnerabilities, particularly those affecting data science and development tools that may handle sensitive information.

Summary

A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in question is CVE-2026-39987 (CVSS score: 9.3), a pre-authenticated remote code execution vulnerability impacting all versions of Marimo prior to and including

Linked Entities

  • CVE-2026-39987