Vulnerability Description
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code execution on the host system running the exposed service.
CVSS Score
CRITICAL
Related Weaknesses (CWE)
References
- https://arxiv.org/abs/2506.18871
- https://chocapikk.com/posts/2026/omnigen2-pickle-rce/
- https://github.com/VectorSpaceLab/OmniGen2/blob/3a13017e532f9f309a38bca571fd6220
- https://github.com/VectorSpaceLab/OmniGen2/blob/3a13017e532f9f309a38bca571fd6220
- https://github.com/VectorSpaceLab/OmniGen2/blob/3a13017e532f9f309a38bca571fd6220
- https://github.com/VectorSpaceLab/OmniGen2/pull/139
- https://www.vulncheck.com/advisories/omnigen2-rl-reward-server-unsafe-deserializ
FAQ
What is CVE-2026-25873?
CVE-2026-25873 is a vulnerability with a CVSS score of 9.8 (CRITICAL). OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST req...
How severe is CVE-2026-25873?
CVE-2026-25873 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-25873?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.