Skip to content
The Nexus
DossierENTITY

Marimo

Coverage of Marimo in the Nexus archive.

Earliest in view: Apr 10 · 07:37 UTCMost recent: May 29 · 14:39 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 29 · 14:39 UTCTHE HACKER NEWS
    Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit

    An unknown threat actor used an LLM agent for post-compromise actions after exploiting a publicly-accessible Marimo network via CVE-2026-39987, extracting cloud credentials from the compromised system.

  • SECURITYApr 16 · 16:58 UTCBLEEPING COMPUTER
    Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

    Hackers are exploiting a critical vulnerability in the Marimo reactive Python notebook to deploy a new variant of NKAbuse malware, which is hosted on Hugging Face Spaces. This security flaw allows malicious actors to distribute malware through a popular machine learning platform.

  • SECURITYApr 12 · 14:20 UTCBLEEPING COMPUTER
    Critical Marimo pre-auth RCE flaw now under active exploitation

    A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is being actively exploited for credential theft. The flaw allows attackers to execute arbitrary code without prior authentication, posing significant security risks.

  • SECURITYApr 10 · 07:37 UTCTHE HACKER NEWS
    Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

    A critical remote code execution vulnerability (CVE-2026-39987) in Marimo, a Python data science notebook, was exploited within 10 hours of disclosure. The flaw affects all versions up to a specific release and was identified by Sysdig with a CVSS score of 9.3.