criticalCISA KEVCVE-2026-39987

Marimo Remote Code Execution Vulnerability

Marimo contains an pre-authorization remote code execution vulnerability, allowing an unauthenticated attacked to shell access and execute arbitrary system commands.

ProductMarimo
CVSS9.3
EPSS0.95645
UpdatedJuly 9, 2026

Quick answer

Marimo should be reviewed and updated if it matches the affected versions. The recommended fix is to apply the vendor-supported patched version or the mitigation steps below, then retest the public website with Fixnx.

Who is affected

Affected versions

  • Review vendor advisory for affected versions.

Fixed versions

  • Apply the latest vendor-supported patched version.

How to fix it

CVE-2026-39987 is a pre-authentication remote code execution issue in marimo. Treat any internet-facing or shared marimo instance running an affected release as urgent, because the terminal WebSocket can expose a shell before authentication. The safest remediation is to upgrade marimo to 0.23.0 or later, remove direct public exposure, and rotate secrets that may have been reachable from notebooks, containers, or environment variables.

  1. Inventory every marimo server, notebook container, development workspace, and shared analytics host.
  2. If the installed marimo version is 0.20.4 or earlier, or if the version is unknown, remove the service from untrusted networks until it is upgraded.
  3. Upgrade marimo to 0.23.0 or later through the pinned Python dependency, package lock, or container image build.
  4. Rebuild and redeploy containers or virtual environments so old vulnerable packages are not left running.
  5. Restrict marimo access behind VPN, SSO, firewall rules, or a trusted internal network; do not expose the terminal endpoint to the public internet.
  6. Rotate API keys, cloud credentials, database passwords, notebook tokens, and other secrets that were available to the marimo process.
  7. Review web server, container, and application logs for unexpected terminal WebSocket connections, shell commands, or new files.

Scan now. Google sign-in is only needed to unlock fix guidance.

Verify the fix

  • Confirm the running package version reports marimo 0.23.0 or later.
  • Verify that unauthenticated requests to the terminal WebSocket endpoint are rejected or blocked before reaching marimo.
  • Confirm no public route, reverse proxy rule, or load balancer exposes the marimo service without authentication.
  • Run a fresh Fixnx scan and an internal network check against the host after redeployment.
  • Review logs for at least the exposure window and confirm no unexpected shell sessions remain active.

Related categories

Trusted references

FAQ

What is affected by CVE-2026-39987?

Marimo should be checked against the vendor advisory and trusted references linked on this page.

What should I fix first?

Start with internet-facing sites, admin panels, login flows, plugins, themes, modules, packages, and systems that process user-controlled input or sensitive data.

How do I confirm the fix worked?

Apply the patched version or mitigation, clear caches where relevant, retest the affected workflow, and run a new Fixnx scan to verify public website exposure signals.

Why can this risk appear in multiple categories?

A vulnerability can belong to more than one platform or ecosystem. Fixnx keeps one canonical risk page while also listing it in every relevant category.