CVE-2026-39987: CWE-306: Missing Authentication for Critical Function in marimo-team marimo
Marimo versions prior to 0.23.0 contain a critical vulnerability in the /terminal/ws WebSocket endpoint that lacks authentication validation. This allows unauthenticated attackers to gain a full PTY shell and execute arbitrary system commands remotely. The vulnerability arises because, unlike other endpoints, /terminal/ws does not call the validate_auth() function and only checks running mode and platform support. This issue is fixed in version 0.23.0. The vulnerability has a CVSS 4.0 score of 9.
AI Analysis
Technical Summary
CVE-2026-39987 is a critical missing authentication vulnerability (CWE-306) in the marimo reactive Python notebook prior to version 0.23.0. The /terminal/ws WebSocket endpoint does not perform authentication checks, allowing unauthenticated remote attackers to obtain a full PTY shell and execute arbitrary commands on the system. Other WebSocket endpoints properly validate authentication, but /terminal/ws only verifies running mode and platform support before accepting connections. This vulnerability enables remote code execution without any user interaction or privileges. The issue is resolved in marimo version 0.23.0.
Potential Impact
An unauthenticated attacker can remotely execute arbitrary system commands with full PTY shell access via the vulnerable /terminal/ws endpoint. This leads to complete compromise of the affected system running marimo versions prior to 0.23.0. The vulnerability is rated critical with a CVSS 4.0 score of 9.3, reflecting its high impact and ease of exploitation.
Mitigation Recommendations
Upgrade marimo to version 0.23.0 or later, where this vulnerability is fixed by adding proper authentication validation to the /terminal/ws WebSocket endpoint. Since this is a self-hosted product, users must apply the update themselves. Patch status is confirmed fixed in version 0.23.0.
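The root cause described above is one WebSocket route that skips the shared authentication call. A defender-side check for that class of defect is a small static audit that parses route handlers and flags any WebSocket route whose body never calls the auth function. The following is an added example, not marimo's code; the handler source, the `@router.websocket(...)` decorator form, and the helper names `is_edit_mode` and `platform_supported` are constructed here to mirror the advisory's description, and `validate_auth` is assumed to be the name of the shared check.

```python
import ast

# Constructed sample module mirroring the advisory: one WebSocket handler that
# calls validate_auth(), and a terminal handler that only checks mode/platform.
SAMPLE_SOURCE = '''
@router.websocket("/ws")
async def kernel_ws(websocket):
    validate_auth(websocket)
    await websocket.accept()

@router.websocket("/terminal/ws")
async def terminal_ws(websocket):
    if not is_edit_mode() or not platform_supported():
        await websocket.close()
        return
    await websocket.accept()
'''

AUTH_CALL = "validate_auth"  # assumed name of the shared auth check


def _calls_function(node, name):
    """True if any call to `name` (bare or attribute form) appears under node."""
    for sub in ast.walk(node):
        if isinstance(sub, ast.Call):
            f = sub.func
            if isinstance(f, ast.Name) and f.id == name:
                return True
            if isinstance(f, ast.Attribute) and f.attr == name:
                return True
    return False


def _websocket_path(func):
    """Return the route path from a `@<obj>.websocket("<path>")` decorator, else None."""
    for dec in func.decorator_list:
        if (isinstance(dec, ast.Call) and isinstance(dec.func, ast.Attribute)
                and dec.func.attr == "websocket" and dec.args
                and isinstance(dec.args[0], ast.Constant)):
            return dec.args[0].value
    return None


def find_unauthenticated_ws_routes(source, auth_call=AUTH_CALL):
    """List (path, handler) pairs for WebSocket routes that never call auth_call."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            path = _websocket_path(node)
            if path is not None and not _calls_function(node, auth_call):
                findings.append((path, node.name))
    return findings
```

Run against a real codebase, the audit is a cheap CI gate: any new WebSocket route that omits the shared check shows up as a finding before it ships.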
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-04-08T00:01:47.629Z
- CVSS Version: 4.0
- State: PUBLISHED
- Remediation Level: null
Threat ID: 69d7e6ff1cc7ad14dafe8dec
Added to database: 4/9/2026, 5:50:55 PM
Last enriched: 5/1/2026, 8:51:19 PM
Last updated: 5/24/2026, 10:54:28 PM