Skip to main content

Marimo

1 CVEs product

Monthly

CVE-2026-54386 PyPI MEDIUM PATCH This Month

Reflected XSS in the marimo notebook server before version 0.23.9 enables unauthenticated remote attackers to inject and execute arbitrary JavaScript in the origin of a victim's marimo server by supplying a crafted `file` query parameter. The flaw stems from improper single-quote escaping in assets.py when reflecting the parameter into an inline JavaScript string literal; attackers bypass the server's 404 check by prefixing payloads with `__new__`, and execution occurs without Content-Security-Policy restrictions. No active exploitation is confirmed (not in CISA KEV) and no public exploit code has been identified at time of analysis, though the attack mechanism is straightforward for a motivated attacker targeting shared or collaborative marimo deployments.

XSS Marimo
NVD GitHub
CVSS 4.0
5.1
EPSS
0.2%
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Reflected XSS in the marimo notebook server before version 0.23.9 enables unauthenticated remote attackers to inject and execute arbitrary JavaScript in the origin of a victim's marimo server by supplying a crafted `file` query parameter. The flaw stems from improper single-quote escaping in assets.py when reflecting the parameter into an inline JavaScript string literal; attackers bypass the server's 404 check by prefixing payloads with `__new__`, and execution occurs without Content-Security-Policy restrictions. No active exploitation is confirmed (not in CISA KEV) and no public exploit code has been identified at time of analysis, though the attack mechanism is straightforward for a motivated attacker targeting shared or collaborative marimo deployments.

XSS Marimo
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy