The tiny editor has some big features.

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

Marimo is an integrated development environment for Python that combines code, results, visualizations, and documentation.

Kate is what Notepad++ wishes it could be ...

Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.