CVE-2026-39987 - Geek Feed

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

April 19, 2026April 19, 2026 geekfeed0Tagged Actively Exploited, CVE-2026-39987, Hugging Face, malware, Marimo, NKAbuse, rce, Remote Code Execution

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces. Attacks leveraging the remote code execution flaw (CVE-2026-39987) started last week for credential theft, less than 10 hours after technical details were disclosed publicly, according to data from cloud-security company Sysdig. Sysdig researchers continued […]

3 mins read

Critical Marimo pre-auth RCE flaw now under active exploitation

April 15, 2026April 15, 2026 geekfeed0Tagged Actively Exploited, CVE-2026-39987, Marimo, Pre-Authentication, rce, Remote Code Execution, vulnerability

Hackers started exploiting a critical vulnerability in the Marimo open-source reactive Python notebook platform just 10 hours after its public disclosure. The flaw allows remote code execution without authentication in Marimo versions 0.20.4 and earlier. It tracked as CVE-2026-39987 and GitHub assessed it with a critical score of 9.3 out of 10. According to researchers at cloud-security […]

3 mins read