A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.

A critical flaw in Python tool Marimo was exploited within 10 hours of disclosure, researchers report, highlighting how quickly attackers are now turning vulnerability advisories into real-world ...

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Marimo is an integrated development environment for Python that combines code, results, visualizations, and documentation.

Marimo成立于2022年，是一家AI技术开发平台，主打产品Marimo Notebook 是一款开源的、原生支持 AI 的、响应式的 Python 开发环境。云计算服务提供商CoreWeave宣布达成最终协议，将收购AI开发平台Marimo。此次收购将把Marimo的技术整合至CoreWeave云平台。