The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...
Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.
PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results