Marimo RCE Vulnerability Exploited in the Within 10 Hours of Disclosure

A critical pre-authentication RCE vulnerability (CVE-2026-39987) in the Marimo Python notebook platform was exploited within 10 hours of its disclosure, allowing attackers to steal cloud credentials. The flaw affects the /terminal/ws endpoint, and users are advised to update to version 0.23.0 or later immediately.