Unsecured Terminal Access in Marimo
CVSS score: 9.9
Status: Known exploited
Exploitation likelihood: 60%
Advisory: GHSA-2679-6mx9-h9xc
Summary
Marimo's terminal feature can be accessed without authentication, allowing an attacker to execute system commands. This affects all versions of Marimo up to 0.20.4. To fix, update to the latest version of Marimo to ensure secure terminal access.
What to do
- Update marimo to version 0.23.0.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| – | marimo | marimo | All versions |
| PyPI | – | marimo | < 0.23.0 (fix: upgrade to 0.23.0) |
| – | coreweave | marimo | < 0.23.0 (cpe:2.3:a:coreweave:marimo:*:*:*:*:*:python:*:*) |
Original title
Marimo Remote Code Execution Vulnerability
Original description
Marimo contains a pre-authorization remote code execution vulnerability, allowing an unauthenticated attacker to gain shell access and execute arbitrary system commands.
CVSS 4.0 score (source: OSV): 9.9
Vulnerability type
CWE-306
Missing Authentication for Critical Function
References
- https://github.com/marimo-team/marimo/security/advisories/GHSA-2679-6mx9-h9xc (URL)
- https://github.com/marimo-team/marimo/pull/9098 (URL)
- https://github.com/marimo-team/marimo/commit/c24d4806398f30be6b12acd6c60d1d7c68c... (URL)
- https://github.com/marimo-team/marimo (Product)
- https://github.com/advisories/GHSA-2679-6mx9-h9xc
- https://nvd.nist.gov/vuln/detail/CVE-2026-39987 (Vendor Advisory)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-... (URL)
- https://www.sysdig.com/blog/marimo-oss-python-notebook-rce-from-disclosure-to-ex... (URL)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-... (URL)
Published: 23 Apr 2026 · Updated: 5 May 2026 · First seen: 8 Apr 2026