VYPR

Marimo

by Coreweave

pypi: marimo

Source repositories

CVEs (1)

  • CVE-2026-39987CriKEVApr 9, 2026
    risk 0.76cvss 9.8epss 0.96

    marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands.…