#container-security

Marimo's CVE-2026-39987 Pre-Auth RCE Puts AI Notebooks on the [Same CVE Treadmill](/articles/instructlab-cve-2026-6859-hardcoded-trust-remote-code-true-turns-any/) as Inference Servers (see also [inference servers](/articles/hugging-face-lerobot-cve-2026-25874-unauthenticated-pickle-loads-rce-in-grpc/))

CVE-2026-39987 skipped auth on Marimo's /terminal/ws, handing any caller a root PTY shell (CVSS 9.3) — exploited in the wild just 9h 41m after the advisory.