Topic

#cve-2026-39987

2 articles exploring cve-2026-39987. Expert insights and analysis from our editorial team.

Showing 1–2 of 2 articles
Related topics:
marimo notebook-security rce authentication-bypass ml-platforms exploitation

Articles

Newest first
Security

Marimo CVE-2026-39987 Exposed Unauthenticated Root Shells Within Hours of Disclosure

Marimo's /terminal/ws endpoint granted unauthenticated attackers a full PTY shell. CVE-2026-39987 was actively exploited within 9 hours and 41 minutes of disclosure.
Security

Marimo's CVE-2026-39987 Went From Disclosure to Exploitation in 9 Hours 41 Minutes — and Staged NKAbuse Payloads on Hugging Face

Marimo CVE-2026-39987 was exploited 9h41m after disclosure, with 662 events and a NKAbuse backdoor staged on Hugging Face. Same-day patching is the new minimum for AI tooling.
Browse All Topics