COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-39987

CVE-2026-39987

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-04-23
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-39987
⚡ RCE ⌖ exploited in the wild shame 85/100 rceexploited-in-wildsupply-chain

Marimo's Marimo product allows unauthenticated attackers to execute arbitrary system commands via CVE-2026-39987.

This pre-authentication RCE vulnerability enables attackers to gain shell access and execute arbitrary commands without authentication, posing a severe risk to DIB organizations relying on Marimo for security-critical infrastructure. Immediate patching and network segmentation are required to prevent unauthorized access and potential data exfiltration.

Shame score — A pre-authentication RCE vulnerability allows unauthenticated attackers to execute arbitrary system commands, representing a critical security failure that could lead to significant data breaches and compliance violations.

Players implicated

Marimo · vendorMarimo · product

Description

Marimo contains an pre-authorization remote code execution vulnerability, allowing an unauthenticated attacked to shell access and execute arbitrary system commands.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.